VDB

GCVE-VVD-MAGEIA-2019-394

GCVE-VVD-MAGEIA-2019-394
Advisory Published
Vulnetix · Advisory published December 19, 2019
The updated packages fix security vulnerabilities: A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. (CVE-2019-3885) A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. (CVE-2018-16877) A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. (CVE-2018-16878)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiapacemaker0 (affected), 1.1.19-2.1.mga7 (unaffected)

References

Updated pacemaker packages fix security vulnerabilities
advisory
Updated pacemaker packages fix security vulnerabilities
advisory
Updated pacemaker packages fix security vulnerabilities
advisory
Updated pacemaker packages fix security vulnerabilities
issue
Updated pacemaker packages fix security vulnerabilities
issue
Updated pacemaker packages fix security vulnerabilities
issue
Updated pacemaker packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›