Unrated severityNVD Advisory· Published Mar 31, 2009· Updated Apr 23, 2026

CVE-2008-6560

Description

Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.

Affected products

Red Hat/Cman5 versions
cpe:2.3:a:redhat:cman:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:redhat:cman:*:*:*:*:*:*:*:*range: <=2.03.08-1
- cpe:2.3:a:redhat:cman:2.03.03-1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:cman:2.03.04-1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:cman:2.03.05-1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:cman:2.03.07-1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.htmlnvdVendor Advisory
bugzilla.redhat.com/show_bug.cginvdVendor Advisory
www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.htmlnvd
www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.htmlnvd
www.ubuntu.com/usn/USN-875-1nvd
exchange.xforce.ibmcloud.com/vulnerabilities/49832nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000