pcs-0.11.1-10.el9.2.ML.1

エラータID: AXSA:2023-4908:01

Release date: 
Tuesday, January 31, 2023 - 08:07
Subject: 
pcs-0.11.1-10.el9.2.ML.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

* pcs: obtaining an authentication token for hacluster user could lead to privilege escalation (CVE-2022-2735)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-2735
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS.

Solution: 

Update packages.

CVEs: 
CVE-2022-2735
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS.
Additional Info: 

N/A

Download: 

SRPMS
  1. pcs-0.11.1-10.el9.2.ML.1.src.rpm
    MD5: c0f11d06bd8dde455195a940051ec7a8
    SHA-256: 2cd39703431b91eda1fc3351a8dd9aec8e2190847d9f12594999aedaa01a3776
    Size: 72.41 MB

Asianux Server 9 for x86_64
  1. pcs-0.11.1-10.el9.2.ML.1.x86_64.rpm
    MD5: 0d1852bd92494caa5eebb20784a03c8b
    SHA-256: 47241f09671f3518c271c04c12f993329ae501aca0eac947d27adf53cafbce7f
    Size: 7.96 MB
  2. pcs-0.11.1-10.el9.2.ML.1.x86_64.rpm
    MD5: 0d1852bd92494caa5eebb20784a03c8b
    SHA-256: 47241f09671f3518c271c04c12f993329ae501aca0eac947d27adf53cafbce7f
    Size: 7.96 MB
  3. pcs-snmp-0.11.1-10.el9.2.ML.1.x86_64.rpm
    MD5: f54b823a9450907f64b2b1052cec42b4
    SHA-256: eda01a4e051296d596aea7314655331f217847402ccf171a11ed6cbcb1a68a60
    Size: 58.66 kB
  4. pcs-snmp-0.11.1-10.el9.2.ML.1.x86_64.rpm
    MD5: f54b823a9450907f64b2b1052cec42b4
    SHA-256: eda01a4e051296d596aea7314655331f217847402ccf171a11ed6cbcb1a68a60
    Size: 58.66 kB