[ALSA-2025:7201] Moderate: corosync security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fix(es): * corosync: Stack buffer overflow from 'orf_token_endian_convert' (CVE-2025-30472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 corosync-vqsim-3.1.9-2.el9_6.aarch64.rpm e110dc4a8f166f970f62f96c357a54f3da43a942e1b4880f275bbb7585f2fdd1
aarch64 corosynclib-3.1.9-2.el9_6.aarch64.rpm e3a45ead503a5446b54ef625ff2d6fb85106433c8db69b88551a89a1228c174c
i686 corosynclib-3.1.9-2.el9_6.i686.rpm 1907074b58e6e38f909ccae66891e3e6fbccd1bd3306776ead3589fce9aeea4c
ppc64le corosync-vqsim-3.1.9-2.el9_6.ppc64le.rpm 0e2d4608e07a9a7af4693e877dcc520a4daafee32ffe43e48088920d67c0106a
ppc64le corosynclib-3.1.9-2.el9_6.ppc64le.rpm bde5abb2f9787a42eb63bc5998a9f9596516107869a0e5602c1b156a4af0bacf
s390x corosync-vqsim-3.1.9-2.el9_6.s390x.rpm 5dbf3a6dff3c327fde9c09b997cda5f4e7f53eb565f3658f657af23503410c8b
s390x corosynclib-3.1.9-2.el9_6.s390x.rpm 6d7d26d47200b5ffa1616a8da8f37093e94d3278b78cebd2db137451e1fd9d2c
x86_64 corosynclib-3.1.9-2.el9_6.x86_64.rpm 615be72dad8227b0bba1c8fd99101aef9a672912c48a1cba09a9d1fe29068298
x86_64 corosync-vqsim-3.1.9-2.el9_6.x86_64.rpm a590511064a304a22fdffab9093dfcfecabe8af788da8b63fef8693d5b81542a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.