Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

redhat RHSA-2025:7201: RHSA-2025:7201: corosync security update (Moderate)

redhat RHSA-2025:7478: RHSA-2025:7478: corosync security update (Moderate)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0066 advisory.

    Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:

    CVE-2025-30472:
    Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-     based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7478-1 advisory.

    It was discovered that Corosync incorrectly handled certain large UDP packets. If encryption is disabled,     or an attacker knows the encryption key, this issue could be used to cause Corosync to crash, resulting in     a denial of service.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-c55f39aeb3 advisory.

    Security fix for CVE-2025-30472

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0bafd025de advisory.

    Security fix for CVE-2025-30472

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1084-1 advisory.

    - CVE-2025-30472: Fixed stack buffer overflow from 'orf_token_endian_convert' (bsc#1239987)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
236941	Alibaba Cloud Linux 3 : 0066: corosync (ALINUX3-SA-2025:0066)	Nessus	Alibaba Cloud Linux Local Security Checks	critical
235146	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Corosync vulnerability (USN-7478-1)	Nessus	Ubuntu Local Security Checks	critical
233806	Fedora 41 : corosync (2025-c55f39aeb3)	Nessus	Fedora Local Security Checks	critical
233804	Fedora 40 : corosync (2025-0bafd025de)	Nessus	Fedora Local Security Checks	critical
233752	SUSE SLES15 / openSUSE 15 Security Update : corosync (SUSE-SU-2025:1084-1)	Nessus	SuSE Local Security Checks	critical

Detections

Analytics

CVE-2025-30472

critical

Tenable Plugins

Coming Soon

critical

critical

critical

critical

critical