Details:
The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software.
Security Fix(es):
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091)
corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
0:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.20:3.1.9-1.el10_0.2Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:LI:NA:H8.2/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H