corosync: fix CVE-2025-30472 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Jiaying Song <jiaying.song.cn@windriver.com>	2025-04-14 13:07:00 +0800
committer	Armin Kuster <akuster808@gmail.com>	2025-04-20 13:42:58 -0400
commit	709ab51234c8cc230dc4b53b76d87c08583a808c (patch)
tree	16cd686e3ac43b3cbeaae6a134e716dad421734f /meta-python/recipes-devtools/python/python3-matplotlib-inline_0.1.2.bb
parent	f8dddbfcbfe502cb71375a7a907e61a92e8d4474 (diff)
download	meta-openembedded-709ab51234c8cc230dc4b53b76d87c08583a808c.tar.gz

corosync: fix CVE-2025-30472

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. References: https://nvd.nist.gov/vuln/detail/CVE-2025-30472 Upstream patches: https://github.com/corosync/corosync/commit/7839990f9cdf34e55435ed90109e82709032466a Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-matplotlib-inline_0.1.2.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: