562 matches found
CVE-2023-39949
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...
CVE-2023-39948
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 conta...
UBUNTU-CVE-2023-39534
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this iss...
UBUNTU-CVE-2023-39946
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PIDPROPERTYLIST parameter that contains a CDR string with length larger than the size of...
CVE-2023-39945
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled BadParamException in fastcdr, which in turn crashes fastdds. Versions 2.11.0,...
CVE-2023-39949
CVE-2023-39949 affects eProsima Fast DDS, a C++ implementation of DDS. The issue is improper validation of sequence numbers in Fast DDS, which can lead to a remotely reachable assertion failure and remote crash of a Fast DDS process. The vulnerability exists in versions prior to 2.9.1 and 2.6.5; ...
CVE-2023-39949 Improper validation of sequence numbers leading to remotely reachable assertion failure
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...
CVE-2023-39949 Improper validation of sequence numbers leading to remotely reachable assertion failure
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...
CVE-2023-39949 Improper validation of sequence numbers leading to remotely reachable assertion failure
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...
CVE-2023-39949
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...
CVE-2023-39948
CVE-2023-39948 affects eprosima Fast DDS (Data Distribution Service) where BadParamException thrown by Fast CDR is not caught in Fast DDS, allowing a remote crash. Affected versions before 2.10.0 and 2.6.5 expose this issue; patch is provided in 2.10.0 and 2.6.5. Remediation involves upgrading to...
CVE-2023-39948 Uncaught fastcdr exception (Unexpected CDR type received) crashing fastdds
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 conta...
CVE-2023-39948
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 conta...
CVE-2023-39947 Another heap overflow in push_back_helper
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PIDPROPERTYLIST parameters cause heap overflow at a different program counter. Th...
CVE-2023-39947
CVE-2023-39947 affects eProsima Fast DDS (C++ DDS) prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6. The root cause is malformed PID_PROPERTY_LIST parameter handling that can cause a heap overflow at a different program counter, enabling a remote crash of a Fast-DDS process. A patch exists in t...
CVE-2023-39947 Another heap overflow in push_back_helper
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PIDPROPERTYLIST parameters cause heap overflow at a different program counter. Th...
CVE-2023-39947 Another heap overflow in push_back_helper
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PIDPROPERTYLIST parameters cause heap overflow at a different program counter. Th...
CVE-2023-39947
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PIDPROPERTYLIST parameters cause heap overflow at a different program counter. Th...
CVE-2023-39946
Summary: CVE-2023-39946 affects eProsima Fast DDS. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, a heap overflow can be triggered by a PID_PROPERTY_LIST containing a crafted CDR string. In ParameterPropertyList_t::push_back_helper, the second memcpy can copy user-controlled data from the CD...
CVE-2023-39946 Heap overflow in push_back_helper due to a CDR message
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PIDPROPERTYLIST parameter that contains a CDR string with length larger than the size of...