Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-c55f39aeb3 advisory.

    Security fix for CVE-2025-30472

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0bafd025de advisory.

    Security fix for CVE-2025-30472

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1084-1 advisory.

    - CVE-2025-30472: Fixed stack buffer overflow from 'orf_token_endian_convert' (bsc#1239987)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
233806	Fedora 41 : corosync (2025-c55f39aeb3)	Nessus	Fedora Local Security Checks	critical
233804	Fedora 40 : corosync (2025-0bafd025de)	Nessus	Fedora Local Security Checks	critical
233752	SUSE SLES15 / openSUSE 15 Security Update : corosync (SUSE-SU-2025:1084-1)	Nessus	SuSE Local Security Checks	critical

Detections

Analytics

CVE-2025-30472

critical

Tenable Plugins

critical

critical

critical