PT-2025-12459 · Corosync

Published: 2025-03-20 · Updated: 2025-09-22 · CVE-2025-30472

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Corosync versions 3.1.9 and earlier

Description: The issue is a stack-based buffer overflow in the orf token endian convert function in exec/totemsrp.c, triggered by a large UDP packet. It can be exploited when encryption is disabled or when the attacker knows the encryption key.

Recommendations: For Corosync versions 3.1.9 and earlier, as a temporary workaround, consider disabling the orf token endian convert function until a patch is available. Restrict network access to the vulnerable module to minimize the risk of exploitation. Avoid sending large UDP packets to the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Tags: Exploit, RCE, DoS, Stack Overflow, Memory Corruption

Weakness Enumeration

Related Identifiers

ALSA-2025:7201
ALSA-2025:7478
ALT-PU-2025-11605
ALT-PU-2025-6822
AZL-59189
AZL-61774
BDU:2025-03217
CVE-2025-30472
DLA-4308-1
INFSA-2025_7201
MGASA-2025-0127
OESA-2025-1365
OPENSUSE-SU-2025:14933-1
OPENSUSE-SU-2025_1084-1
RHSA-2025:7201
RHSA-2025:7478
RHSA-2025_7201
SUSE-SU-2025:1084-1
SUSE-SU-2025_1084-1
USN-7478-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Corosync
Debian
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu