CVE-2026-10649

ClusterLabs · Pacemaker

An integer overflow vulnerability in the Pacemaker CIB remote listener allows unauthenticated remote attackers to trigger memory corruption and denial of service.

Executive summary

An integer overflow flaw in the Pacemaker CIB remote listener poses a critical risk of denial of service from unauthenticated remote attackers.

Vulnerability

The flaw is an integer overflow in the decompression of remote messages received by the CIB remote listener. An unauthenticated remote attacker can exploit it to cause memory corruption and a denial of service (DoS) in the listener.

Business impact

With a CVSS score of 8.6, this vulnerability represents a significant risk to cluster availability. Successful exploitation disrupts critical cluster management services, which can lead to system downtime and operational instability. Although remote code execution is currently considered unlikely, the memory corruption involved makes urgent remediation necessary to prevent service outages.

Remediation

Immediate Action: Apply the security patches provided by the vendor at https://github.com/clusterLabs/pacemaker/pull/4128.

Proactive Monitoring: Monitor the CIB remote listener logs for unusual traffic patterns or service crashes that may indicate exploitation attempts.

Compensating Controls: Implement network access controls to restrict access to the CIB remote listener port to only authorized management nodes.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high CVSS score and the potential for service disruption, administrators should prioritize the application of the vendor-provided patches. Immediate deployment of these updates is required to mitigate the risk of denial-of-service attacks against critical cluster infrastructure.