USN-4623-1

Source
https://ubuntu.com/security/notices/USN-4623-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4623-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4623-1
Related
Published
2020-11-09T12:01:58.660148Z
Modified
2020-11-09T12:01:58.660148Z
Summary
pacemaker vulnerability
Details

Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute arbitrary code as root.

References

Affected packages

Ubuntu:20.04:LTS / pacemaker

Package

Name
pacemaker

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.0.3-3ubuntu4.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libpe-rules26": "2.0.3-3ubuntu4.1",
            "libpengine-dev": "2.0.3-3ubuntu4.1",
            "libcrmcluster-dev": "2.0.3-3ubuntu4.1",
            "libcrmcluster29": "2.0.3-3ubuntu4.1",
            "libcrmservice28": "2.0.3-3ubuntu4.1",
            "libpacemaker1": "2.0.3-3ubuntu4.1",
            "pacemaker-resource-agents": "2.0.3-3ubuntu4.1",
            "pacemaker-dev": "2.0.3-3ubuntu4.1",
            "libstonithd26": "2.0.3-3ubuntu4.1",
            "libcib27": "2.0.3-3ubuntu4.1",
            "libstonithd-dev": "2.0.3-3ubuntu4.1",
            "liblrmd-dev": "2.0.3-3ubuntu4.1",
            "pacemaker-doc": "2.0.3-3ubuntu4.1",
            "libcib-dev": "2.0.3-3ubuntu4.1",
            "liblrmd28": "2.0.3-3ubuntu4.1",
            "pacemaker": "2.0.3-3ubuntu4.1",
            "pacemaker-cli-utils": "2.0.3-3ubuntu4.1",
            "libcrmservice-dev": "2.0.3-3ubuntu4.1",
            "pacemaker-common": "2.0.3-3ubuntu4.1",
            "libcrmcommon-dev": "2.0.3-3ubuntu4.1",
            "pacemaker-remote": "2.0.3-3ubuntu4.1",
            "libpe-status28": "2.0.3-3ubuntu4.1",
            "libcrmcommon34": "2.0.3-3ubuntu4.1"
        }
    ]
}

Ubuntu:18.04:LTS / pacemaker

Package

Name
pacemaker

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.1.18-0ubuntu1.3

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libcrmcommon3": "1.1.18-0ubuntu1.3",
            "libpe-status10": "1.1.18-0ubuntu1.3",
            "libpengine-dev": "1.1.18-0ubuntu1.3",
            "libcrmcluster-dev": "1.1.18-0ubuntu1.3",
            "libcrmcluster4": "1.1.18-0ubuntu1.3",
            "libpe-rules2": "1.1.18-0ubuntu1.3",
            "libpengine10": "1.1.18-0ubuntu1.3",
            "pacemaker-remote": "1.1.18-0ubuntu1.3",
            "pacemaker-resource-agents": "1.1.18-0ubuntu1.3",
            "pacemaker-common": "1.1.18-0ubuntu1.3",
            "libstonithd-dev": "1.1.18-0ubuntu1.3",
            "liblrmd-dev": "1.1.18-0ubuntu1.3",
            "pacemaker-doc": "1.1.18-0ubuntu1.3",
            "libcib-dev": "1.1.18-0ubuntu1.3",
            "liblrmd1": "1.1.18-0ubuntu1.3",
            "libcib4": "1.1.18-0ubuntu1.3",
            "pacemaker-cli-utils": "1.1.18-0ubuntu1.3",
            "libcrmservice-dev": "1.1.18-0ubuntu1.3",
            "libtransitioner2": "1.1.18-0ubuntu1.3",
            "libcrmcommon-dev": "1.1.18-0ubuntu1.3",
            "libcrmservice3": "1.1.18-0ubuntu1.3",
            "libstonithd2": "1.1.18-0ubuntu1.3",
            "pacemaker": "1.1.18-0ubuntu1.3"
        }
    ]
}

Ubuntu:16.04:LTS / pacemaker

Package

Name
pacemaker

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.1.14-2ubuntu1.9

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libcrmcommon3": "1.1.14-2ubuntu1.9",
            "libpe-status10": "1.1.14-2ubuntu1.9",
            "libpengine-dev": "1.1.14-2ubuntu1.9",
            "libcrmcluster-dev": "1.1.14-2ubuntu1.9",
            "libcrmcluster4": "1.1.14-2ubuntu1.9",
            "libpe-rules2": "1.1.14-2ubuntu1.9",
            "libpengine10": "1.1.14-2ubuntu1.9",
            "pacemaker-remote": "1.1.14-2ubuntu1.9",
            "pacemaker-resource-agents": "1.1.14-2ubuntu1.9",
            "pacemaker-common": "1.1.14-2ubuntu1.9",
            "libstonithd-dev": "1.1.14-2ubuntu1.9",
            "liblrmd-dev": "1.1.14-2ubuntu1.9",
            "pacemaker-doc": "1.1.14-2ubuntu1.9",
            "libcib-dev": "1.1.14-2ubuntu1.9",
            "liblrmd1": "1.1.14-2ubuntu1.9",
            "libcib4": "1.1.14-2ubuntu1.9",
            "pacemaker-cli-utils": "1.1.14-2ubuntu1.9",
            "libcrmservice-dev": "1.1.14-2ubuntu1.9",
            "libtransitioner2": "1.1.14-2ubuntu1.9",
            "libcrmcommon-dev": "1.1.14-2ubuntu1.9",
            "libcrmservice3": "1.1.14-2ubuntu1.9",
            "libstonithd2": "1.1.14-2ubuntu1.9",
            "pacemaker": "1.1.14-2ubuntu1.9"
        }
    ]
}