Vulnerabilities ›

CVE-2026-35092

High ⚡ Exploit Available

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a re

CWE-190 — Weakness Type

                    Published: Apr 1, 2026                      ·  Modified: Apr 8, 2026                      ·  Source: NVD                

CVSS v3

7.5

🔗 NVD Official

📄 Description (English)

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.

🤖 AI Executive Summary

An integer overflow vulnerability in Corosync's join message validation allows remote unauthenticated attackers to crash the service via crafted UDP packets, causing denial of service. This affects Corosync deployments using totemudp/totemudpu mode.

📄 Description (Arabic)

ثغرة تجاوز عدد صحيح في وحدة التحقق من صحة رسائل الانضمام في Corosync تسمح للمهاجمين البعيدين بإرسال حزم UDP مصنوعة خصيصاً. يؤدي هذا إلى توقف الخدمة وفقدان توفرها في البيئات المجمعة. تؤثر الثغرة على نشرات Corosync التي تستخدم وضع totemudp/totemudpu.

🤖 ملخص تنفيذي (AI)

A vulnerability in Corosync allows remote attackers to send malicious UDP packets that exploit an integer overflow, crashing the clustering service and disrupting operations. Organizations using totemudp/totemudpu mode are at risk of service unavailability.

🤖 AI Intelligence Analysis Analyzed: May 2, 2026 19:16

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

banking government energy telecom

🎯 MITRE ATT&CK Techniques

T1499.004 T1561.002

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update Corosync to the latest patched version immediately. Implement network segmentation to restrict UDP access to trusted cluster nodes only. Monitor cluster logs for suspicious join attempts and consider disabling totemudp mode if alternative transport mechanisms are available.

🔧 خطوات المعالجة (العربية)

قم بتحديث Corosync إلى أحدث إصدار معدل فوراً. طبق تقسيم الشبكة لتقييد وصول UDP للعقد الموثوقة فقط. راقب سجلات المجموعة للكشف عن محاولات انضمام مريبة وفكر في تعطيل وضع totemudp إن أمكن.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1 5.2 6.1

🔵 SAMA CSF

ID.BE-1 PR.IP-1 DE.CM-1

🟡 ISO 27001:2022

A.12.6.1 A.14.2.1

🔗 References & Sources 3

🔗

https://access.redhat.com/security/cve/CVE-2026-35092

secalert@redhat.com

Third Party Advisory VDB Entry

🔗

https://bugzilla.redhat.com/show_bug.cgi?id=2453169

secalert@redhat.com

Exploit Third Party Advisory

🔗

https://bugzilla.redhat.com/show_bug.cgi?id=2453814

secalert@redhat.com

Issue Tracking Third Party Advisory

📦 Affected Products / CPE 6 entries

corosync:corosync:-

redhat:openshift:4.0

redhat:enterprise_linux:7.0

redhat:enterprise_linux:8.0

redhat:enterprise_linux:9.0

redhat:enterprise_linux:10.0

📊 CVSS Score

7.5

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score7.5

CWECWE-190

EPSS0.06%

Exploit ✓ Yes

Patch ✗ No

Published 2026-04-01

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-190

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-35092

💬 Comments

Introduce Yourself

Sign In Required