CVE-2022-2735: 
Alma Linux vulnerability analysis and mitigation

CVE-2022-2735 is a security vulnerability discovered in the PCS (Pacemaker Configuration System) project, affecting versions from 0.10.5 onwards including all 0.11.x versions. The vulnerability was discovered by Ondrej Mular from Red Hat and publicly disclosed on September 1, 2022. The issue affects the PCS packages which provide a command-line configuration system for the Pacemaker and Corosync utilities (Openwall, Red Hat Advisory).

The vulnerability stems from incorrect permissions set on a Unix socket used for internal communication between PCS daemons. This security flaw has been assigned a CVSS v3.1 Base Score of 8.4 (High), with the following vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability allows local attackers to potentially obtain authentication tokens for the hacluster user, which could lead to privilege escalation (Openwall).

If exploited, this vulnerability allows an attacker to gain complete control over the cluster managed by PCS through obtaining the hacluster user's authentication token. The high CVSS score reflects the serious potential impact on system security, particularly concerning confidentiality, integrity, and availability (Openwall).

Red Hat has released security updates to address this vulnerability across multiple versions of Red Hat Enterprise Linux. Updates are available through security advisories RHSA-2022:6312, RHSA-2022:6313, RHSA-2022:6314, and RHSA-2022:6341. Debian has also addressed this issue in version 0.10.8-1+deb11u1 for the stable distribution (bullseye) (Debian Advisory, Red Hat Advisory).