Ken Gaillot discovered a vulnerability in the Pacemaker cluster resource manager: If ACLs were configured for users in the quot;haclientquot; group, the ACL restrictions could be bypassed via unrestricted IPC communication, resulting in cluster-wide arbitrary code execution with root privileges. If the quot;enable-aclquot; cluster option isn"t enabled, members of the quot;haclientquot; group can m ...