CVE-2024-25196

Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2controller process. This vulnerability is triggerd via sending a crafted .yaml file...

CVE-2024-38926

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl zshort...

CVE-2024-38921

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zrand...

CVE-2024-38920

CVE-2024-38920 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, describing a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic parameter /amcl max_beams, enabling network-based attack with no user interaction. The CVSS 3...

PT-2024-27792 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is a buffer overflow that occurs via the nav2 amcl process. This is triggered by sending a crafted .yaml file. Recommendations: For Open Robotics...

CVE-2024-25197

Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent function at /src/layeredcostmap.cpp...

CVE-2024-25196

Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2controller process. This vulnerability is triggerd via sending a crafted .yaml file...