CVE-2023-46256
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:L
Summary
PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of parserbuf_index value checking. A malfunction of the sensor device can cause a heap buffer overflow with leading unexpected drone behavior. Malicious applications can exploit the vulnerability even if device sensor malfunction does not occur. Up to the maximum value of an unsigned int, bytes sized data can be written to the heap memory area. As of time of publication, no fixed version is available.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PX4 | PX4-Autopilot | <= 1.14.0-rc1 | affected |
Weaknesses
- CWE-122: CWE-122: Heap-based Buffer Overflow
- CWE-120: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw
- https://github.com/PX4/PX4-Autopilot/blob/main/src/drivers/distance_sensor/lightware_laser_serial/parser.cpp#L87
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw
- https://github.com/PX4/PX4-Autopilot/blob/main/src/drivers/distance_sensor/lightware_laser_serial/parser.cpp#L87
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.