4 matches found
CVE-2026-32708
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...
CVE-2026-32708 Zenoh uORB Subscriber Allows Arbitrary Stack Allocation (PX4/PX4-Autopilot)
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...
CVE-2026-32708 Zenoh uORB Subscriber Allows Arbitrary Stack Allocation (PX4/PX4-Autopilot)
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh publisher can send an oversized fragmented message to force an unbounded stack allocation and copy,...
CVE-2026-32708
CVE-2026-32708 affects the PX4 Autopilot’s Zenoh uORB subscriber. Before 1.17.0-rc2, it allocates a stack VLQuestion from the incoming payload length without bounds, enabling a remote Zenoh publisher to send an oversized, fragmented message that triggers an unbounded stack allocation and a stack ...