We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | redhat |
Reserved | 2024-03-28 |
Published | 2024-06-06 |
Updated | 2024-09-24 |
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
Insufficient Verification of Data Authenticity
2024-03-28: | Reported to Red Hat. |
2024-05-27: | Made public. |
https://access.redhat.com/errata/RHSA-2024:3657 (RHSA-2024:3657)
https://access.redhat.com/errata/RHSA-2024:3658 (RHSA-2024:3658)
https://access.redhat.com/errata/RHSA-2024:3659 (RHSA-2024:3659)
https://access.redhat.com/errata/RHSA-2024:3660 (RHSA-2024:3660)
https://access.redhat.com/errata/RHSA-2024:3661 (RHSA-2024:3661)
https://access.redhat.com/errata/RHSA-2024:4400 (RHSA-2024:4400)
https://access.redhat.com/errata/RHSA-2024:4411 (RHSA-2024:4411)
https://access.redhat.com/security/cve/CVE-2024-3049
https://bugzilla.redhat.com/show_bug.cgi?id=2272082 (RHBZ#2272082)