183 matches found
CVE-2024-30259 FastDDS heap buffer overflow when publisher sends malformed packet
FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...
CVE-2024-30258
FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...
eProsima Fast DDS 安全漏洞
eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS v.2.14.0 and earlier versions that originated from allowing a local attacker to cause a denial of service DoS and obta...
UBUNTU-CVE-2024-28231
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
CVE-2024-28231 Manipulated DATA Submessage causes a heap-buffer-overflow error
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
CVE-2024-28231
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
CVE-2024-28231 Manipulated DATA Submessage causes a heap-buffer-overflow error
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminate...
DEBIAN-CVE-2023-50716
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
Memory corruption
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
UBUNTU-CVE-2023-50716
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
CVE-2023-50716
CVE-2023-50716 affects eProsima Fast DDS (formerly Fast RTPS). Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage can trigger a bad-free memory release within the Inline_qos/SerializedPayload path of the affected object, allowing the Fast-DDS process to b...
CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...
eProsima Fast DDS Security Vulnerability
eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS Fast RTPS versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, which stems from an invalid DATAFRAG sub-messag...
Design/Logic Flaw
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data pUD and guid values used to disconnect between nodes are not encrypted, a vulnerability has be...
CVE-2023-50257 Disconnect Vulnerability in RTPS Packets Used by SROS2
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data pUD and guid values used to disconnect between nodes are not encrypted, a vulnerability has be...
CVE-2023-50257
CVE-2023-50257 affects eProsima Fast DDS (Fast RTPS) with SROS2. The issue: RTPS Disconnect packets (p[UD]/guid) are not encrypted, enabling a malicious actor to forcibly disconnect a Subscriber and deny connections by sending disconnect packets to 239.255.0.1:7400 using the Publisher ID. Impact ...
CVE-2023-50257 Disconnect Vulnerability in RTPS Packets Used by SROS2
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data pUD and guid values used to disconnect between nodes are not encrypted, a vulnerability has be...
CVE-2023-50257 Disconnect Vulnerability in RTPS Packets Used by SROS2
eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data pUD and guid values used to disconnect between nodes are not encrypted, a vulnerability has be...