109 matches found
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
PT-2024-28279 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a use-after-free vulnerability triggered via remotely sending a request to change the value of dynamic-parameter /amcl odom frame id. This proble...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the component smoothPlan containing a null pointer dereference...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the component computeControl containing a null pointer dereference...
CVE-2024-38925
CVE-2024-38925 affects ROS2 (Open Robotics) and Nav2 humble; a use-after-free flaw in the nav2_amcl process is triggered remotely by a request to change the dynamic parameter /amcl z_max. The vulnerability is documented with high/critical impact across confidentiality, integrity, and availability...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-38925
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zmax...
CVE-2024-38921
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zrand...
CVE-2024-38924
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl lasermodeltype...
CVE-2024-38926
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl zshort...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
CVE-2024-38924
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl lasermodeltype...
CVE-2024-38922
CVE-2024-38922 affects ROS2/Nav2 humble: a heap overflow in the nav2_amcl process triggered by a crafted message to /initialpose. Documented impacts include memory corruption/crashes; exploit status is not detailed in the sources. Remediation guidance within the provided materials is limited; one...
CVE-2024-38926
CVE-2024-38926 affects the ROS 2 ecosystem (ROS 2 Humble and Nav2 Humble) and is due to a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic-parameter /amcl z_short, indicating a remote-access impact vector. The CVSS v3.1 me...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2, which stems from the inclusion of an unsafe privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code in nav2amcl by writing a script...
PT-2024-28277 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: A use-after-free vulnerability was discovered in the nav2 amcl process of Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions. This issue i...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an unsafe privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code in nav2costmap2d by writing a script...
CVE-2024-38926
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl zshort...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code in nav2regulatedpurepursuitcontroller by writi...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of lasermodeltype in the dynamic...