FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed `RTPS` packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-DDS process, potentially leading to a DOS attack. Versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8 contain a patch for the issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-05-13T14:45:28.134Z
Updated: 2024-08-02T01:32:05.392Z
Reserved: 2024-03-26T12:52:00.934Z
Link: CVE-2024-30259
Vulnrichment
Updated: 2024-08-02T01:32:05.392Z
NVD
Status : Awaiting Analysis
Published: 2024-05-14T15:22:15.967
Modified: 2024-05-14T16:13:02.773
Link: CVE-2024-30259
Redhat
No data.