CVE-2024-30258
CVSS V2 None
CVSS V3 None
Description
FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue.
Overview
- CVE ID
- CVE-2024-30258
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-05-13T14:41:52.318Z
- Last Modified Date
- 2024-06-04T17:39:13.286Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-53xw-465j-rxfh | x_refsource_CONFIRM |
https://github.com/eProsima/Fast-DDS/commit/65236f93e9c4ea3ff9a49fba4dfd9e43eb94037b | x_refsource_MISC |
https://drive.google.com/file/d/19W5UC52hPnAqVq_boZWO45d1TJ4WoCSh/view?usp=sharing | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-30258 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30258 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 11:56:40 | Added to TrackCVE |