- What: A Denial of Service vulnerability (CVE-2026-23490) exists in fence-agents due to memory exhaustion from malformed RELATIVE-OID inputs.
- Impact: Affected systems may become unresponsive or crash, disrupting service.

Critical Security Update for fence-agents: Denial of Service Vulnerability

Affected Package: fence-agents-aliyun

Summary
- Disclosed on: 04/02/2026
- Severity: N/A
- Patch: 4.10.0-98.el9_7.5
- CVSS Score: N/A

Background
The fence-agents package is a collection of scripts designed for managing remote power operations for cluster devices. It plays a crucial role in ensuring that failed or unreachable nodes can be forcibly restarted and removed from the cluster, thus maintaining system integrity and uptime. This package is essential for environments that rely on high availability and clustering technologies.

Vulnerability Detail
The vulnerability identified as CVE-2026-23490 is a Denial of Service (DoS) issue caused by memory exhaustion resulting from the processing of malformed RELATIVE-OID inputs. This can lead to significant disruptions in service, as the affected system may become unresponsive or crash due to resource depletion. The vulnerability stems from the pyasn1 library, which is utilized within the fence-agents package, highlighting the importance of maintaining up-to-date dependencies.

Workaround
As a temporary measure, if updating is not immediately feasible, consider disabling the affected components of the fence-agents package until the patch can be applied. This can help mitigate the risk of exploitation while maintaining some level of operational capability.

Conclusion
The fence-agents package has a critical vulnerability that can lead to Denial of Service due to memory exhaustion. It is essential to update to the patched version to mitigate risks. Users should also consider using tools like Vulert to monitor for vulnerabilities in their applications. For a thorough exploration and assistance in countering such issues, consult the Vulert Vulnerability Database.

FAQ
- The vulnerability is a Denial of Service (DoS) issue that can cause memory exhaustion due to malformed inputs.
- You can use Vulert, which monitors and alerts for open-source vulnerabilities in your software. Check your application against the vulnerability using the Vulert playground at vulert.com/abom.
- Exploitation of this vulnerability can lead to service disruptions, causing the affected system to become unresponsive or crash.
- Yes, a patch is available in version 4.10.0-98.el9_7.5 of the fence-agents package.
- If immediate updating is not possible, consider disabling the affected components of the fence-agents package as a temporary workaround.

References
- https://access.redhat.com/errata/RHSA-2026:1903
- https://access.redhat.com/security/cve/CVE-2026-23490
- https://bugzilla.redhat.com/2430472
- https://errata.almalinux.org/9/ALSA-2026-1903.html

How To Fix
To rectify the vulnerability, it is recommended to update the fence-agents package to the patched version 4.10.0-98.el9_7.5. This can be accomplished by executing the following command in your terminal: 'sudo dnf update fence-agents'. Ensure that your system is configured to pull from the appropriate repositories to access the latest updates.
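
To confirm that the update took effect, the following added example (not part of the original advisory) compares installed fence-agents packages against the patched release 4.10.0-98.el9_7.5. The function names, the `--installed` switch and the older sample release string are assumptions made for illustration, and `sort -V` is used as an approximation of RPM's version ordering.

```shell
#!/usr/bin/env bash
# Added example: verify fence-agents packages against the advisory's patched build.

PATCHED_VR="4.10.0-98.el9_7.5"   # patched version-release stated in the advisory

# is_patched VERSION-RELEASE -> 0 if at or above PATCHED_VR, 1 if below.
# Assumption: GNU `sort -V` stands in for RPM's own comparison; it orders
# same-epoch el9 strings like these correctly but is not a full rpmvercmp.
is_patched() {
    local lowest
    [ -n "$1" ] || return 2
    lowest=$(printf '%s\n%s\n' "$1" "$PATCHED_VR" | sort -V | head -n 1)
    [ "$lowest" = "$PATCHED_VR" ]
}

# audit_packages: reads "NAME VERSION-RELEASE" lines on stdin, prints one
# verdict per package, and returns 1 if any package still needs the update.
audit_packages() {
    local name vr rc=0
    while read -r name vr; do
        [ -n "$name" ] || continue
        if is_patched "$vr"; then
            printf 'OK      %s-%s\n' "$name" "$vr"
        else
            printf 'UPDATE  %s-%s (needs >= %s)\n' "$name" "$vr" "$PATCHED_VR"
            rc=1
        fi
    done
    return "$rc"
}

# audit_installed: feed every installed fence-agents* package to the audit.
audit_installed() {
    rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'fence-agents*' | audit_packages
}

if [ "${1:-}" = "--installed" ]; then
    audit_installed
else
    # Constructed sample (the first release string is made up for illustration).
    audit_packages <<'EOF' || true
fence-agents-aliyun 4.10.0-62.el9_4.3
fence-agents-aliyun 4.10.0-98.el9_7.5
EOF
fi
```

Run with `--installed` on a cluster node to audit the real RPM database; a non-zero exit status means at least one fence-agents package is still below the patched release.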