A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. This vulnerability affects Corosync when running in totemudp/totemudpu mode, which is the default configuration.
To mitigate this vulnerability, restrict network access to the Corosync service on UDP port 5405 to only trusted hosts or networks. If Corosync is not required, consider disabling the service.
Example firewall rule to restrict access to a trusted network (replace <TRUSTED_NETWORK> with your network):
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" port port="5405" protocol="udp" source address="<TRUSTED_NETWORK>" accept'
firewall-cmd --reload
To disable the Corosync service:
systemctl stop corosync
systemctl disable corosync
Note that restricting access may impact cluster communication, and disabling the service will prevent cluster operation. A restart of the Corosync service or a system reboot may be required for changes to take full effect.