[Apollo] Advisories Statistics light light Login

RLSA-2026:13644

Security Mirrored from RHSA-2026:13644
Issued at: 2026-05-06
Updated at: 2026-05-07

Synopsis

Moderate: corosync security update



Description

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software.

Security Fix(es):

* corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091)

* corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2453814 2453813

CVEs

CVE-2026-35091 CVE-2026-35092

Affected packages

Rocky Linux 10 x86_64 - CRB

corosync-vqsim-debuginfo-0:3.1.9-2.el10_1.1.x86_64.rpm corosync-vqsim-0:3.1.9-2.el10_1.1.x86_64.rpm

Rocky Linux 10 s390x - AppStream

corosync-debuginfo-0:3.1.9-2.el10_1.1.s390x.rpm corosynclib-debuginfo-0:3.1.9-2.el10_1.1.s390x.rpm corosync-0:3.1.9-2.el10_1.1.src.rpm corosynclib-0:3.1.9-2.el10_1.1.s390x.rpm corosync-debugsource-0:3.1.9-2.el10_1.1.s390x.rpm

Rocky Linux 10 s390x - CRB

corosync-vqsim-0:3.1.9-2.el10_1.1.s390x.rpm corosync-vqsim-debuginfo-0:3.1.9-2.el10_1.1.s390x.rpm

Rocky Linux 10 ppc64le - CRB

corosync-vqsim-0:3.1.9-2.el10_1.1.ppc64le.rpm corosync-vqsim-debuginfo-0:3.1.9-2.el10_1.1.ppc64le.rpm

Rocky Linux 10 aarch64 - AppStream

corosync-0:3.1.9-2.el10_1.1.src.rpm corosynclib-0:3.1.9-2.el10_1.1.aarch64.rpm corosynclib-debuginfo-0:3.1.9-2.el10_1.1.aarch64.rpm corosync-debuginfo-0:3.1.9-2.el10_1.1.aarch64.rpm corosync-debugsource-0:3.1.9-2.el10_1.1.aarch64.rpm

Rocky Linux 10 ppc64le - AppStream

corosync-0:3.1.9-2.el10_1.1.src.rpm corosync-debuginfo-0:3.1.9-2.el10_1.1.ppc64le.rpm corosynclib-0:3.1.9-2.el10_1.1.ppc64le.rpm corosync-debugsource-0:3.1.9-2.el10_1.1.ppc64le.rpm corosynclib-debuginfo-0:3.1.9-2.el10_1.1.ppc64le.rpm

Rocky Linux 10 x86_64 - AppStream

corosync-0:3.1.9-2.el10_1.1.src.rpm corosync-debugsource-0:3.1.9-2.el10_1.1.x86_64.rpm corosync-debuginfo-0:3.1.9-2.el10_1.1.x86_64.rpm corosynclib-0:3.1.9-2.el10_1.1.x86_64.rpm corosynclib-debuginfo-0:3.1.9-2.el10_1.1.x86_64.rpm

Rocky Linux 10 aarch64 - CRB

corosync-vqsim-debuginfo-0:3.1.9-2.el10_1.1.aarch64.rpm corosync-vqsim-0:3.1.9-2.el10_1.1.aarch64.rpm