A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.
2.3.4-0ubuntu12.3.5-32.3.5-3ubuntu12.3.5-3ubuntu22.3.5-3ubuntu2.12.3.5-3ubuntu2.32.4.2-3build12.4.2-3ubuntu12.4.3-0ubuntu12.4.3-0ubuntu1.12.4.3-0ubuntu1.22.4.3-0ubuntu1.33.0.1-2ubuntu13.0.2-1ubuntu13.0.2-1ubuntu23.0.3-2ubuntu13.0.3-2ubuntu23.0.3-2ubuntu2.13.0.3-2ubuntu2.23.1.6-1ubuntu1.23.1.7-1ubuntu3.23.1.9-2ubuntu1.1Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H