Mageia 9: MGASA-2025-0127 High: Corosync Buffer Overflow Risk

mageia

April 5, 2025

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a l...

Summary

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. (CVE-2025-30472)

References

- https://bugs.mageia.org/show_bug.cgi?id=34146

- https://www.cve.org/CVERecord?id=CVE-2025-30472

Topics Covered

security advisory buffer overflow encryption UDP attack corosync Mageia

Resolution

SRPMS

- 9/core/corosync-3.1.7-1.1.mga9

Publication date: 05 Apr 2025

URL: https://advisories.mageia.org/MGASA-2025-0127.html

Type: security

CVE: CVE-2025-30472

Topics Covered

security advisory buffer overflow encryption UDP attack corosync Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9: MGASA-2025-0127 High: Corosync Buffer Overflow Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9: MGASA-2025-0127 High: Corosync Buffer Overflow Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!