What is the CVSS score of CVE-2025-30472?

CVE-2025-30472 has a contested CVSS base score of 9.0 from a third party (e.g. CISA-ADP), while the vendor rates it Critical. vuln.today uses the vendor rating as authoritative.

Which versions of Corosync are affected by CVE-2025-30472?

CVE-2025-30472 presents critical security risk, a stack-based buffer overflow vulnerability rated CVSS 9.0.. A patch is available.

Is there a public PoC exploit available for CVE-2025-30472?

Yes, a public proof-of-concept exploit is available for CVE-2025-30472. Prioritise patching immediately. EPSS: 0.3%.

How to fix or mitigate CVE-2025-30472?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.

Corosync CVE-2025-30472

CRITICAL

Stack-based Buffer Overflow (CWE-121)

2025-03-22 cve@mitre.org

Buffer Overflow Stack Overflow Corosync Red Hat Suse

Critical

Disputed · 9.0 NVD

Severity by source

Sources disagree (Medium–Critical)

NVD PRIMARY

9.0 CRITICAL

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

SUSE

9.8 CRITICAL

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Red Hat

6.6 MEDIUM

qualitative

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Apr 05, 2026 - 20:30 nvd

Patch available

Analysis Generated

Mar 28, 2026 - 18:32 vuln.today

PoC Detected

Nov 03, 2025 - 19:15 vuln.today

Public exploit code

CVE Published

Mar 22, 2025 - 02:15 nvd

CRITICAL 9.0

DescriptionCVE.org

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.

AnalysisAI

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-121. Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. Affected products include: Corosync. Version information: through 3.1.9.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Vendor StatusVendor

SUSE

Severity: Critical

Product	Status
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP4-SAP-Azure-LI-BYOS Image SLES15-SP4-SAP-Azure-LI-BYOS-Production Image SLES15-SP4-SAP-Azure-VLI-BYOS Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production Image SLES15-SP4-SAP-BYOS Image SLES15-SP4-SAP-BYOS-Azure Image SLES15-SP4-SAP-BYOS-EC2 Image SLES15-SP4-SAP-BYOS-GCE Image SLES15-SP4-SAP-Hardened Image SLES15-SP4-SAP-Hardened-Azure Image SLES15-SP4-SAP-Hardened-BYOS Image SLES15-SP4-SAP-Hardened-BYOS-Azure Image SLES15-SP4-SAP-Hardened-BYOS-EC2 Image SLES15-SP4-SAP-Hardened-BYOS-GCE Image SLES15-SP4-SAP-Hardened-GCE Image SLES15-SP5-SAP-Azure-3P Image SLES15-SP5-SAP-Azure-LI-BYOS Image SLES15-SP5-SAP-Azure-LI-BYOS-Production Image SLES15-SP5-SAP-Azure-VLI-BYOS Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production Image SLES15-SP5-SAP-BYOS-Azure Image SLES15-SP5-SAP-BYOS-EC2 Image SLES15-SP5-SAP-BYOS-GCE Image SLES15-SP5-SAP-Hardened-Azure Image SLES15-SP5-SAP-Hardened-BYOS-Azure Image SLES15-SP5-SAP-Hardened-BYOS-EC2 Image SLES15-SP5-SAP-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Hardened-GCE Image SLES15-SP6-SAP-Azure-3P Image SLES15-SP6-SAP-Azure-LI-BYOS Image SLES15-SP6-SAP-Azure-LI-BYOS-Production Image SLES15-SP6-SAP-Azure-VLI-BYOS Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production Image SLES15-SP6-SAP-BYOS Image SLES15-SP6-SAP-BYOS-Azure Image SLES15-SP6-SAP-BYOS-EC2 Image SLES15-SP6-SAP-BYOS-GCE Image SLES15-SP6-SAP-Hardened Image SLES15-SP6-SAP-Hardened-Azure Image SLES15-SP6-SAP-Hardened-BYOS Image SLES15-SP6-SAP-Hardened-BYOS-Azure Image SLES15-SP6-SAP-Hardened-BYOS-EC2 Image SLES15-SP6-SAP-Hardened-BYOS-GCE Image SLES15-SP6-SAP-Hardened-EC2 Image SLES15-SP6-SAP-Hardened-GCE Image SLES15-SP7-SAP-Azure Image SLES15-SP7-SAP-Azure-3P Image SLES15-SP7-SAP-Azure-LI-BYOS-Production Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production Image SLES15-SP7-SAP-BYOS-Azure Image SLES15-SP7-SAP-BYOS-EC2 Image SLES15-SP7-SAP-BYOS-GCE Image SLES15-SP7-SAP-EC2 Image SLES15-SP7-SAP-GCE Image SLES15-SP7-SAP-GCE-3P Image SLES15-SP7-SAP-Hardened-Azure Image SLES15-SP7-SAP-Hardened-BYOS-Azure Image SLES15-SP7-SAP-Hardened-BYOS-EC2 Image SLES15-SP7-SAP-Hardened-BYOS-GCE Image SLES15-SP7-SAP-Hardened-GCE	Affected
SUSE Liberty Linux 9	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP3	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP4	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP5	Fixed

CVE-2025-30472 vulnerability details – vuln.today

Back

SUSE Linux Enterprise High Availability Extension 15 SP6	Fixed
openSUSE Leap 15.6	Fixed
openSUSE Tumbleweed	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7	Fixed
SUSE Linux Enterprise High Availability Extension 16.1	Fixed
SUSE Linux Enterprise Server for SAP applications 16.1	Fixed
openSUSE Leap 15.6	Fixed
SUSE Linux Enterprise High Availability Extension 12 SP5	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP4	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP5	Fixed
SUSE Linux Enterprise Server 12 SP5	Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS	Fixed
SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security	Fixed
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5	Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP5	Fixed
SUSE Linux Enterprise Desktop 12 SP3	Fixed
SUSE Linux Enterprise Desktop 12 SP4	Fixed
SUSE Linux Enterprise High Availability Extension 12 SP3	Fixed
SUSE Linux Enterprise High Availability Extension 12 SP4	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP3	Fixed
SUSE Linux Enterprise High Availability Extension 15 SP6	Fixed
SUSE Linux Enterprise Server 12 SP3	Fixed
SUSE Linux Enterprise Server 12 SP4	Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP3	Fixed
SUSE Linux Enterprise Server for SAP Applications 12 SP4	Fixed
SUSE Linux Enterprise Software Development Kit 12 SP3	Fixed
SUSE Linux Enterprise Software Development Kit 12 SP4	Fixed
SUSE Linux Enterprise Software Development Kit 12 SP5	Fixed
openSUSE Leap 15.3	Fixed
openSUSE Leap 15.4	Fixed
openSUSE Leap 15.5	Fixed

Corosync CVE-2025-30472

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Vendor StatusVendor

SUSE

Share

External POC / Exploit Code