{"affected":[{"ecosystem_specific":{"binaries":[{"corosync":"2.4.6-150300.12.13.1","corosync-qdevice":"2.4.6-150300.12.13.1","corosync-qnetd":"2.4.6-150300.12.13.1","corosync-testagents":"2.4.6-150300.12.13.1","libcfg6":"2.4.6-150300.12.13.1","libcmap4":"2.4.6-150300.12.13.1","libcorosync-devel":"2.4.6-150300.12.13.1","libcorosync_common4":"2.4.6-150300.12.13.1","libcpg4":"2.4.6-150300.12.13.1","libquorum5":"2.4.6-150300.12.13.1","libsam4":"2.4.6-150300.12.13.1","libtotem_pg5":"2.4.6-150300.12.13.1","libvotequorum8":"2.4.6-150300.12.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP3","name":"corosync","purl":"pkg:rpm/suse/corosync&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.6-150300.12.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"corosync":"2.4.6-150300.12.13.1","corosync-qdevice":"2.4.6-150300.12.13.1","corosync-qnetd":"2.4.6-150300.12.13.1","corosync-testagents":"2.4.6-150300.12.13.1","libcfg6":"2.4.6-150300.12.13.1","libcmap4":"2.4.6-150300.12.13.1","libcorosync-devel":"2.4.6-150300.12.13.1","libcorosync_common4":"2.4.6-150300.12.13.1","libcpg4":"2.4.6-150300.12.13.1","libquorum5":"2.4.6-150300.12.13.1","libsam4":"2.4.6-150300.12.13.1","libtotem_pg5":"2.4.6-150300.12.13.1","libvotequorum8":"2.4.6-150300.12.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP4","name":"corosync","purl":"pkg:rpm/suse/corosync&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.6-150300.12.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"corosync":"2.4.6-150300.12.13.1","corosync-qdevice":"2.4.6-150300.12.13.1","corosync-qnetd":"2.4.6-150300.12.13.1","corosync-testagents":"2.4.6-150300.12.13.1","libcfg6":"2.4.6-150300.12.13.1","libcmap4":"2.4.6-150300.12.13.1","libcorosync-devel":"2.4.6-150300.12.13.1","libcorosync_common4":"2.4.6-150300.12.13.1","libcpg4":"2.4.6-150300.12.13.1","libquorum5":"2.4.6-150300.12.13.1","libsam4":"2.4.6-150300.12.13.1","libtotem_pg5":"2.4.6-150300.12.13.1","libvotequorum8":"2.4.6-150300.12.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP5","name":"corosync","purl":"pkg:rpm/suse/corosync&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.6-150300.12.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"corosync":"2.4.6-150300.12.13.1","corosync-qdevice":"2.4.6-150300.12.13.1","corosync-qnetd":"2.4.6-150300.12.13.1","corosync-testagents":"2.4.6-150300.12.13.1","libcfg6":"2.4.6-150300.12.13.1","libcmap4":"2.4.6-150300.12.13.1","libcorosync-devel":"2.4.6-150300.12.13.1","libcorosync_common4":"2.4.6-150300.12.13.1","libcpg4":"2.4.6-150300.12.13.1","libquorum5":"2.4.6-150300.12.13.1","libsam4":"2.4.6-150300.12.13.1","libtotem_pg5":"2.4.6-150300.12.13.1","libvotequorum8":"2.4.6-150300.12.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Availability Extension 15 SP6","name":"corosync","purl":"pkg:rpm/suse/corosync&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.6-150300.12.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"corosync":"2.4.6-150300.12.13.1","corosync-qdevice":"2.4.6-150300.12.13.1","corosync-qnetd":"2.4.6-150300.12.13.1","corosync-testagents":"2.4.6-150300.12.13.1","libcfg6":"2.4.6-150300.12.13.1","libcfg6-32bit":"2.4.6-150300.12.13.1","libcmap4":"2.4.6-150300.12.13.1","libcmap4-32bit":"2.4.6-150300.12.13.1","libcorosync-devel":"2.4.6-150300.12.13.1","libcorosync_common4":"2.4.6-150300.12.13.1","libcorosync_common4-32bit":"2.4.6-150300.12.13.1","libcpg4":"2.4.6-150300.12.13.1","libcpg4-32bit":"2.4.6-150300.12.13.1","libquorum5":"2.4.6-150300.12.13.1","libquorum5-32bit":"2.4.6-150300.12.13.1","libsam4":"2.4.6-150300.12.13.1","libsam4-32bit":"2.4.6-150300.12.13.1","libtotem_pg5":"2.4.6-150300.12.13.1","libtotem_pg5-32bit":"2.4.6-150300.12.13.1","libvotequorum8":"2.4.6-150300.12.13.1","libvotequorum8-32bit":"2.4.6-150300.12.13.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"corosync","purl":"pkg:rpm/opensuse/corosync&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.4.6-150300.12.13.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for corosync fixes the following issues:\n\n- CVE-2025-30472: Fixed stack buffer overflow from 'orf_token_endian_convert' (bsc#1239987)\n","id":"SUSE-SU-2025:1084-1","modified":"2025-04-01T10:19:03Z","published":"2025-04-01T10:19:03Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20251084-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239987"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-30472"}],"related":["CVE-2025-30472"],"summary":"Security update for corosync","upstream":["CVE-2025-30472"]}