Fedora 43 Pacemaker Key Integer Overflow Vulnerability Denial of Service
fedora
June 26, 2026
* Wed Jun 17 2026 Klaus Wenninger - 3.0.2-3 - fix CVE-2026-10649: Fix integer overflows in remote message code
Summary
Pacemaker is an advanced, scalable High-Availability cluster resource
manager.
It supports more than 16 node clusters with significant capabilities
for managing resources and dependencies.
It will run scripts at initialization, when machines go up or down,
when related resources fail and can be configured to periodically check
resource health.
Available rpmbuild rebuild options:
--with(out) : cibsecrets hardening linuxha nls pre_release profiling
Update Information:
* Wed Jun 17 2026 Klaus Wenninger
Topics Covered
Change Log
* Wed Jun 17 2026 Klaus Wenninger
References
[ 1 ] Bug #2489310 - CVE-2026-10649 pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2489310
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6a4bfb1309' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: pacemaker
Product: Fedora 43
Version: 3.0.2
Release: 3.fc43
Summary: Scalable High-Availability cluster resource manager
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!