OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-07-21T20:02:07.734Z
Updated: 2024-08-02T17:23:27.643Z
Reserved: 2023-07-10T17:51:29.612Z
Link: CVE-2023-37915
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-21T21:15:11.400
Modified: 2023-08-01T15:47:10.000
Link: CVE-2023-37915
Redhat
No data.