6 matches found
CVE-2024-38925
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zmax...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. A local attacker exploiting this vulnerability could execute arbitrary code via the initialposesub thread created by...
PT-2024-20811 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: The issue is related to an inappropriate pointer order of map sub and map freemap in the amcl node.cpp file, leading to a use-after-free. Recommendations: For...
PT-2024-20809 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions Description: A NULL pointer dereference issue was discovered via the isCurrent function at /src/layered costmap.cpp. This issue affects the navigation capabilities of the...