USN-4623-1: Pacemaker vulnerability
9 November 2020
Pacemaker could be made to run programs as an administrator.
- pacemaker - Cluster resource manager
Ken Gaillot discovered that Pacemaker incorrectly handled IPC
communications permissions. A local attacker could possibly use this issue
to bypass ACL restrictions and execute arbitrary code as root.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.