CVE-2025-30472: 
NixOS vulnerability analysis and mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-30472) was discovered in Corosync through version 3.1.9. The vulnerability exists in the orftokenendian_convert function within exec/totemsrp.c and can be exploited via a large UDP packet when encryption is disabled or if the attacker knows the encryption key (NVD, Corosync).

The vulnerability occurs in the orftokenendianconvert function when converting the endian of orftoken packet. The function fails to validate the orftoken->rtrlistentries against the char tokenconvert[1500] buffer defined in messagehandlerorf_token. This allows an attacker to construct a packet larger than the 1500-byte buffer limit, triggering a stack buffer overflow. The vulnerability has been assigned a CVSS v3.1 Base Score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NVD).

Successful exploitation of this vulnerability could lead to process crashes or potentially arbitrary code execution. The vulnerability affects the core functionality of Corosync, which is used as a High Availability framework by projects such as Pacemaker and Asterisk, potentially impacting the availability and security of dependent systems (Corosync).