CVE-2026-35092

HIGH

Corosync: corosync: denial of service via integer overflow in join message validation

Title source: cna
STIX 2.1

Description

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.

References (17)

Core 17
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:13644
https://access.redhat.com/errata/RHSA-2026:13644
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:13657
https://access.redhat.com/errata/RHSA-2026:13657
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:13673
https://access.redhat.com/errata/RHSA-2026:13673
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14205
https://access.redhat.com/errata/RHSA-2026:14205
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14210
https://access.redhat.com/errata/RHSA-2026:14210
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14211
https://access.redhat.com/errata/RHSA-2026:14211
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14212
https://access.redhat.com/errata/RHSA-2026:14212
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14213
https://access.redhat.com/errata/RHSA-2026:14213
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14214
https://access.redhat.com/errata/RHSA-2026:14214
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14215
https://access.redhat.com/errata/RHSA-2026:14215
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:14216
https://access.redhat.com/errata/RHSA-2026:14216
Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-35092
Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat
RHBZ#2453814
https://bugzilla.redhat.com/show_bug.cgi?id=2453814
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:19043
https://access.redhat.com/errata/RHSA-2026:19043
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:19200
https://access.redhat.com/errata/RHSA-2026:19200
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:20916
https://access.redhat.com/errata/RHSA-2026:20916

Scores

CVSS v3 7.5
EPSS 0.0099
EPSS Percentile 57.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-190
Status published
Products (29)
corosync/corosync
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 10 0:3.1.10-1.el10_2.1
Red Hat/Red Hat Enterprise Linux 10 0:3.1.9-2.el10_1.1
Red Hat/Red Hat Enterprise Linux 10.0 Extended Update Support 0:3.1.9-1.el10_0.2
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 7 Extended Lifecycle Support 0:2.4.5-7.el7_9.3
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 8 0:3.1.8-1.el8_10.1
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 0:3.1.0-3.el8_4.2
... and 19 more
Published Apr 01, 2026
Tracked Since Apr 01, 2026