7 matches found
CVE-2024-38925
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zmax...
CVE-2024-44855
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2navfnplanner...
CVE-2024-38926
CVE-2024-38926 affects the ROS 2 ecosystem (ROS 2 Humble and Nav2 Humble) and is due to a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic-parameter /amcl z_short, indicating a remote-access impact vector. The CVSS v3.1 me...
CVE-2024-25197
CVE-2024-25197 affects Open Robotics ROS2 and Nav2 Humble; it is a NULL pointer dereference in isCurrent() within /src/layered_costmap.cpp. Affected components and exact root cause are described across multiple sources (ROS2/Nav2 humble). The CVSS metric indicates a network-exposed, low-privilege...
CVE-2024-25196
Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2controller process. This vulnerability is triggerd via sending a crafted .yaml file...
CVE-2024-25197
Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent function at /src/layeredcostmap.cpp...
CVE-2024-25199
CVE-2024-25199 affects Open Robotics ROS 2 (2) and Nav2 humble, caused by an inappropriate pointer order between map_sub_ and map_free in amcl_node.cpp, leading to a use-after-free. The entry is supported by multiple sources (NVD, Red Hat, OSV, CVE lists) and notes a high-severity impact (I/H; A/...