Bugzilla – Bug 1131353
VUL-0: CVE-2018-16878: pacemaker: Insufficient verification inflicted preference of uncontrolled processes
Last modified: 2024-05-29 17:06:14 UTC
CVE-2018-16878 Insufficient verification inflicted preference of uncontrolled processes can lead to DoS: A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16878
CRD: 2019-04-10 10:00 UTC
Patch series can be found in Bug 1131356 -> https://bugzilla.suse.com/show_bug.cgi?id=1131356
Due to some concerns related to the patchset, the CRD has been moved. CRD: 2019-04-16 10:00 UTC
CRD: 2019-04-17 10:00
Public now.
SUSE-SU-2019:1047-1: An update that solves three vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1117381,1117934,1128374,1128772,1131353,1131356,1131357 CVE References: CVE-2018-16877,CVE-2018-16878,CVE-2019-3885 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP4 (src): pacemaker-1.1.19+20181105.ccd6b5b10-3.10.1 SUSE Linux Enterprise High Availability 12-SP4 (src): pacemaker-1.1.19+20181105.ccd6b5b10-3.10.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:1108-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1131353,1131356 CVE References: CVE-2018-16877,CVE-2018-16878 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP3 (src): pacemaker-1.1.16-6.14.1 SUSE Linux Enterprise High Availability 12-SP3 (src): pacemaker-1.1.16-6.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration: This bug (1131353) was mentioned in https://build.opensuse.org/request/show/700145 Factory / pacemaker
openSUSE-SU-2019:1342-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1131353,1131356 CVE References: CVE-2018-16877,CVE-2018-16878 Sources used: openSUSE Leap 42.3 (src): pacemaker-1.1.16-4.12.1
released
SUSE-SU-2019:1209-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1117381,1131353,1131356,1131357 CVE References: CVE-2018-16877,CVE-2018-16878,CVE-2019-3885 Sources used: SUSE Linux Enterprise High Availability 15 (src): pacemaker-1.1.18+20180430.b12c320f5-3.9.4 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:1400-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1117381,1131353,1131356,1131357 CVE References: CVE-2018-16877,CVE-2018-16878,CVE-2019-3885 Sources used: openSUSE Leap 15.0 (src): pacemaker-1.1.18+20180430.b12c320f5-lp150.2.9.1
SUSE-SU-2019:2268-1: An update that solves two vulnerabilities and has 7 fixes is now available. Category: security (important) Bug References: 1032511,1127716,1130122,1131353,1131356,1133866,1135317,1136712,1140519 CVE References: CVE-2018-16877,CVE-2018-16878 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP4 (src): pacemaker-1.1.19+20181105.ccd6b5b10-3.13.1 SUSE Linux Enterprise High Availability 12-SP4 (src): pacemaker-1.1.19+20181105.ccd6b5b10-3.13.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-RU-2019:2405-1: An update that has 7 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1032511,1127716,1130122,1131353,1131356,1133866,1136712 CVE References: Sources used: SUSE Linux Enterprise High Availability 15 (src): pacemaker-1.1.18+20180430.b12c320f5-3.12.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-RU-2019:2214-1: An update that has 7 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1032511,1127716,1130122,1131353,1131356,1133866,1136712 CVE References: Sources used: openSUSE Leap 15.0 (src): pacemaker-1.1.18+20180430.b12c320f5-lp150.2.12.1
SUSE-SU-2020:1072-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1131353,1131356 CVE References: CVE-2018-16877,CVE-2018-16878 Sources used: SUSE Linux Enterprise High Availability 12-SP2 (src): pacemaker-1.1.15-23.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.