A security issue was discovered in pcs project. It is caused by incorrect permissions on a unix socket used for internal communication between pcs daemons. A privilege escalation could happen by obtaining authentication token for hacluster user. With the hacluster token, an attacker has complete control over the cluster managed by pcs. The bug was introduced in pcs version 0.10.5 by this bz [1] [1] https://bugzilla.redhat.com/show_bug.cgi?id=1783106
Created pcs tracking bugs for this issue: Affects: fedora-all [bug 2123389]
The issue is public now : https://www.openwall.com/lists/oss-security/2022/09/01/4
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6312 https://access.redhat.com/errata/RHSA-2022:6312
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6313 https://access.redhat.com/errata/RHSA-2022:6313
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6314 https://access.redhat.com/errata/RHSA-2022:6314
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:6341 https://access.redhat.com/errata/RHSA-2022:6341
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-2735
Upstream Commit: https://github.com/ClusterLabs/pcs/commit/de068e2066e377d1cc77edf25aed0198e4c77f7b