[ALSA-2025:7478] Moderate: corosync security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fix(es): * corosync: Stack buffer overflow from 'orf_token_endian_convert' (CVE-2025-30472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 corosync-vqsim-3.1.9-1.el10_0.1.aarch64.rpm 265aefc13e2396ebcd65b2cfe38d36520158c30d353b2e350558a5532c0fad21
aarch64 corosynclib-3.1.9-1.el10_0.1.aarch64.rpm a2c77fa9a0510f747facc9b557b7f6d0c8aa5a99f4007f64fae4e2abffaf9a84
ppc64le corosync-vqsim-3.1.9-1.el10_0.1.ppc64le.rpm 9535318343ae3268eaef40ea1fb71d57c22caa38362b48e877b5eac99876d99d
ppc64le corosynclib-3.1.9-1.el10_0.1.ppc64le.rpm 9a6959e76da4ff84bbdbd8319c3efb218af002500bbb7830e40a1179eda3b4b4
s390x corosync-vqsim-3.1.9-1.el10_0.1.s390x.rpm 1c35e082f5512dc5afc07a152e5fb5ec280d4e37f4bef39081339d668fec9dd6
s390x corosynclib-3.1.9-1.el10_0.1.s390x.rpm efdd22eb9239a80b503810f56180d33797349fbc752a8ad69f25009d8a2488b8
x86_64 corosynclib-3.1.9-1.el10_0.1.x86_64.rpm 8d010962a2907b77e01f59a0c3564a1b05d05cada4ce6a10a0bdc1b355d58c65
x86_64 corosync-vqsim-3.1.9-1.el10_0.1.x86_64.rpm d0ecbe50be820d3d75a09f1a1dc11d86243144f01b0dc0938f5ae28cfb50b3e7
x86_64_v2 corosynclib-3.1.9-1.el10_0.1.x86_64_v2.rpm 0b10f9c4a4a26284d3c8b1ecdffd9e430e656d5e7c7962663179f15a2b8dfdf6
x86_64_v2 corosync-vqsim-3.1.9-1.el10_0.1.x86_64_v2.rpm 1bd1c5bec6b2383b0c017ec77a0ce536a7e633658ced3cd8307ed2bbd93fc6fb
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.