The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 before 2.3 does not properly initialize the HMAC key, which allows remote attackers to cause a denial of service (crash) via a crafted packet.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-06-06T14:00:00
Updated: 2024-08-06T14:18:09.591Z
Reserved: 2012-12-06T00:00:00
Link: CVE-2013-0250
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-06-06T14:55:03.837
Modified: 2014-06-09T13:34:15.860
Link: CVE-2013-0250
Redhat