USN-5188-1: Keepalived vulnerability
13 December 2021
Keepalived could be made to access-control bypass if it received a specially crafted message.
- keepalived - Failover and monitoring daemon for LVS clusters
It was discovered that Keepalived incorrectly handled certain messages.
An attacker could possibly use this issue to access-control bypass.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.