DEBIAN-CVE-2024-30258

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

CVE-2024-30258

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

CVE-2024-30259

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

CVE-2024-30259 FastDDS heap buffer overflow when publisher sends malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

CVE-2024-30259 FastDDS heap buffer overflow when publisher sends malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

CVE-2024-30259 FastDDS heap buffer overflow when publisher sends malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

CVE-2024-30259

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS...

CVE-2024-30258 FastDDS crash when publisher send malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

CVE-2024-30258 FastDDS crash when publisher send malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

CVE-2024-30258

Affected product: Fast-DDS (eProsima Fast DDS), a C++ implementation of the DDS standard. The issue occurs when a publisher sends a malformed RTPS packet, causing the subscriber to crash during pthread creation. This can remotely crash any Fast-DDS process, potentially enabling a denial-of-servic...

CVE-2024-30258

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

CVE-2024-30258 FastDDS crash when publisher send malformed packet

FastDDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-DD...

OESA-2024-1430 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark versio...

OESA-2024-1428 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark versio...

OESA-2024-1429 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark versio...

OESA-2024-1427 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark versio...

Advisory ROSA-SA-2024-2390

Software: wireshark 4.0.10 OS: ROSA-CHROME packageevrstring: wireshark-4.0.10-1.src.rpm CVE-ID: CVE-2023-2858 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: NetScaler file analyzer failure in Wireshark allows a denial of service via a created capture file. CVE-STATUS: Fixed CVE-REV: To close, run the...

OESA-2024-1342 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark versio...

CVE-2023-50716

CVE-2023-50716 affects eProsima Fast DDS (formerly Fast RTPS). Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage can trigger a bad-free memory release within the Inline_qos/SerializedPayload path of the affected object, allowing the Fast-DDS process to b...

Updated wireshark packages fix security vulnerabilities

The updated packages fix security vulnerabilities: RTPS dissector memory leak. CVE-2023-5371 SSH dissector invalid read of memory blocks. CVE-2023-6174 NetScreen File Parsing Heap-based Buffer Overflow. CVE-2023-6175 GVCP dissector crash via packet injection or crafted capture file. CVE-2024-0208...