CVE-2025-30472

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 22, 2025
Updated: Apr 1, 2025
CWE ID 787
CWE ID 121

Summary

CVE-2025-30472 is a stack-based buffer overflow vulnerability affecting Corosync versions up to 3.1.9. If encryption is disabled or the attacker obtains the encryption key, they can exploit this issue by sending a large UDP packet to the target system. This vulnerability resides in the orf_token_endian_convert function within the exec/totemsrp.c file. Successful exploitation could allow the attacker to execute arbitrary code and potentially take control of the affected Corosync instance.

Affected Products

  • Corosync Cluster Engine

Affected Vendors

  • Corosync