CVE-2025-62601

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

UBUNTU-CVE-2025-62603

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such as...

UBUNTU-CVE-2025-62602

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

UBUNTU-CVE-2025-64098

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

UBUNTU-CVE-2025-62799

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...

UBUNTU-CVE-2025-64438

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory OOM denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE QoS. B...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the readBinaryPropertySeq function when handling manipulated DATA Submessages with altered length fields. An attacker can cause a remote out-of-memory condition and terminate the service by sending...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the DATAFRAG receive packet. An attacker can cause a crash or potentially execute arbitrary code by sending a specially crafted RTPS DATAFRAG packet with manipulated fragmentSize and sampleSize values that...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the readOctetVector function when processing a manipulated DATA Submessage with tampered PIDIDENTITYTOKEN or PIDPERMISSIONSTOKEN fields. An attacker can cause remote process termination and resource exhaustion by...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop via the processGapMsg function. An attacker can cause excessive memory consumption and process termination by sending a specially crafted GAP packet with a large gap range, leading to an unbounded loop that inserts million...

CVE-2025-64438 Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory OOM denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE QoS. B...

CVE-2025-64438

CVE-2025-64438 affects Fast DDS, a C++ implementation of the DDS standard. The issue is an Out-of-Memory (OOM) denial-of-service triggered remotely when processing RTPS GAP submessages under RELIABLE QoS: sending a GAP packet with a huge gap range causes StatefulReader::processGapMsg() to loop un...

CVE-2025-64438 Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory OOM denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE QoS. B...

CVE-2025-64438

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory OOM denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE QoS. B...

CVE-2025-64098

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

CVE-2025-62799 FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE)

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...

CVE-2025-62799 FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE)

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...

CVE-2025-62603 FastDDS has Out-of-memory while parsing GenericMessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such as...

CVE-2025-62603

Fast DDS (DDS security) CVE-2025-62603 arises from the CDR parser deserializing the entire DataHolderSeq in ParticipantGenericMessage, allowing an out-of-memory condition and remote termination. Affected versions prior to the patch (3.4.1, 3.3.1, 2.6.11) are addressed by the vendor, and remediati...

CVE-2025-62603

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such as...