Public Date:
1652646: CVE-2018-16877 pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc
A flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

Find out more about CVE-2018-16877 from the MITRE CVE dictionary dictionary and NIST NVD.


This is essentially a design level security flaw which can be combined with other flaws to achieve local privilege escalation for clusters running pacemaker. The attacker needs to have access to the cluster node running pacemaker (AV:L). The attacker can use easily use the design flaw via the confused deputy problem to run the exploit (AC:L), also needs to have login access to the pacemaker node to run the exploit (PR:L).

Due to the elevated privileges obtained, there is an impact to the system beyond the pacemaker node itself (S:C). Lastly due to the attacker's ability to run arbitrary code as root, confidentiality, integrity, and availability of the system is affected. (CIA:H)

CVSS v3 metrics

CVSS3 Base Score 8.8
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Changed
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (pacemaker) RHSA-2019:1278 2019-05-27
Red Hat Enterprise Linux 8 (pacemaker) RHSA-2019:1279 2019-05-27
Red Hat Enterprise Linux 8 (pacemaker) RHSA-2019:1279 2019-05-27
Red Hat Enterprise Linux 8 (pacemaker) RHSA-2019:1279 2019-05-27

Affected Packages State

Platform Package State
Red Hat Gluster Storage 3 pacemaker Will not fix
Red Hat Enterprise Linux 6 pacemaker Will not fix


This issue was discovered by Jan Pokorný (Red Hat).
Last Modified