INFSA-2025:8319: pcs security update
Information about definition
Identificator: INFSA-2025:8319
Type: security
Release date: 2025-07-15 19:47:43 UTC
Information about package
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Vulnerabilities description
- CVE-2025-46727
A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-46727
|
no information | 7.5 | no information |
Updated packages