26 matches found
CVE-2024-38924
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl lasermodeltype...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...
CVE-2024-37863
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-38921
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zrand...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
CVE-2024-38922
CVE-2024-38922 affects ROS2/Nav2 humble: a heap overflow in the nav2_amcl process triggered by a crafted message to /initialpose. Documented impacts include memory corruption/crashes; exploit status is not detailed in the sources. Remediation guidance within the provided materials is limited; one...
CVE-2024-38925
CVE-2024-38925 affects ROS2 (Open Robotics) and Nav2 humble; a use-after-free flaw in the nav2_amcl process is triggered remotely by a request to change the dynamic parameter /amcl z_max. The vulnerability is documented with high/critical impact across confidentiality, integrity, and availability...
CVE-2024-38923
Open Robotics ROS2 Humble and Nav2 Humble contain a use-after-free in the nav2_amcl process. The issue is triggered by a remote request to modify the dynamic parameter /amcl_odom_frame_id, enabling an attacker over the network to potentially compromise the affected system. CVSS indicates CRITICAL...
CVE-2024-38926
CVE-2024-38926 affects the ROS 2 ecosystem (ROS 2 Humble and Nav2 Humble) and is due to a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic-parameter /amcl z_short, indicating a remote-access impact vector. The CVSS v3.1 me...
CVE-2024-38921
CVE-2024-38921 affects ROS 2 / Nav2 Humble, with a use-after-free in the nav2_amcl process triggered by a remote request to change the value of the dynamic parameter /amcl z_rand. Affected components: Open Robotics ROS 2 and Nav2 humble versions; root cause described as use-after-free in nav2_amc...
CVE-2024-38925
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zmax...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
CVE-2024-38910
CVE-2024-38910 affects ROS2/Nav2 humble and specifically the nav2_amcl process, where a use-after-free vulnerability is triggered by a request to change dynamic parameters. Reported across Red Hat, NVD, CVE lists and CNVD/CNNVD families, the issue is described as a post-release reuse in nav2_amcl...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...