CVE-2023-50716
9.7
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely terminated. If an invalid Data_Frag packet is sent, the Inline_qos, SerializedPayload member of object ch will attempt to release memory without initialization, resulting in a 'bad-free' error. Versions 2.13.0, 2.12.2, 2.11.3, 2.10.2, and 2.6.7 fix this issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| eProsima | Fast-DDS | >= 2.12.0, < 2.12.2 | affected |
| eProsima | Fast-DDS | >= 2.11.0, < 2.11.3 | affected |
| eProsima | Fast-DDS | >= 2.10.0, < 2.10.3 | affected |
| eProsima | Fast-DDS | < 2.6.7 | affected |
Weaknesses
- CWE-416: CWE-416: Use After Free
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.