Source: fastdds
Version: 2.11.2+ds-6
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,

The following vulnerability was published for fastdds.

CVE-2024-28231[0]:
| eprosima Fast DDS is a C++ implementation of the Data Distribution
| Service standard of the Object Management Group. Prior to versions
| 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA
| Submessage can cause a heap overflow error in the Fast-DDS process,
| causing the process to be terminated remotely. Additionally, the
| payload_size in the DATA Submessage packet is declared as uint32_t.
| When a negative number, such as -1, is input into this variable, it
| results in an Integer Overflow (for example, -1 gets converted to
| 0xFFFFFFFF). This eventually leads to a heap-buffer-overflow,
| causing the program to terminate. Versions 2.14.0, 2.13.4, 2.12.3,
| 2.10.4, and 2.6.8 contain a fix for this issue.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-28231
    https://www.cve.org/CVERecord?id=CVE-2024-28231
[1] https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-9m2j-qw67-ph4w

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
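Editor's note: the following is an added illustration of the length-handling mistake the CVE text describes, not code from Fast-DDS, from the advisory, or from this bug report. It uses a simplified stand-in layout (assumption: a 4-byte little-endian payload_size followed by the payload bytes) rather than the real RTPS DATA submessage encoding, and the names `as_wire_length`, `naive_length_check_passes`, `safe_length_check_passes`, `parse_payload` and `build_submessage` are hypothetical. It shows how a "-1" written into a uint32_t becomes 0xFFFFFFFF, why a bounds check written as "declared + header <= remaining" can itself wrap around in 32-bit arithmetic and accept the bogus length, and the form of check that cannot overflow.

```cpp
// Added example (not Fast-DDS code). Simplified submessage: [payload_size:u32 LE][payload...]
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <optional>
#include <vector>

namespace demo {

constexpr size_t kLenFieldSize = 4;  // assumption: 4-byte length field precedes the payload

// What an unchecked uint32_t field does with a signed -1: it becomes 0xFFFFFFFF.
inline uint32_t as_wire_length(int32_t v) {
    return static_cast<uint32_t>(v);
}

// A check that looks right but is wrong: the addition is done in uint32_t,
// so 0xFFFFFFFF + 4 wraps to 3 and the impossible length appears to "fit".
inline bool naive_length_check_passes(uint32_t payload_size, uint32_t remaining) {
    uint32_t needed = payload_size + static_cast<uint32_t>(kLenFieldSize);  // may wrap
    return needed <= remaining;
}

// Correct check: compare the untrusted value against a quantity derived from
// bytes actually received; subtracting the fixed field size cannot overflow
// once we know remaining >= kLenFieldSize.
inline bool safe_length_check_passes(uint32_t payload_size, size_t remaining) {
    if (remaining < kLenFieldSize) return false;
    return payload_size <= remaining - kLenFieldSize;
}

inline uint32_t read_le32(const uint8_t* p) {
    return uint32_t(p[0]) | (uint32_t(p[1]) << 8) | (uint32_t(p[2]) << 16) | (uint32_t(p[3]) << 24);
}

// Parse the stand-in layout; return the payload only if the declared size is
// covered by the bytes received, otherwise reject the submessage.
inline std::optional<std::vector<uint8_t>> parse_payload(const uint8_t* buf, size_t len) {
    if (len < kLenFieldSize) return std::nullopt;
    uint32_t payload_size = read_le32(buf);
    if (!safe_length_check_passes(payload_size, len)) return std::nullopt;  // rejects 0xFFFFFFFF
    std::vector<uint8_t> out(payload_size);
    if (payload_size != 0) std::memcpy(out.data(), buf + kLenFieldSize, payload_size);
    return out;
}

// Build a submessage with an arbitrary declared length (constructed test input).
inline std::vector<uint8_t> build_submessage(uint32_t declared, const std::vector<uint8_t>& payload) {
    std::vector<uint8_t> m = {uint8_t(declared), uint8_t(declared >> 8),
                              uint8_t(declared >> 16), uint8_t(declared >> 24)};
    m.insert(m.end(), payload.begin(), payload.end());
    return m;
}

}  // namespace demo

int main() {
    const uint32_t bogus = demo::as_wire_length(-1);
    std::printf("-1 as uint32_t: 0x%08X\n", bogus);
    std::printf("naive check accepts it: %s\n", demo::naive_length_check_passes(bogus, 16) ? "yes" : "no");
    std::printf("safe check accepts it:  %s\n", demo::safe_length_check_passes(bogus, 16) ? "yes" : "no");

    auto crafted = demo::build_submessage(bogus, {0xAA, 0xBB, 0xCC});  // constructed input
    auto r = demo::parse_payload(crafted.data(), crafted.size());
    std::printf("crafted submessage parsed: %s\n", r ? "yes" : "no (rejected)");
    return 0;
}
```

Usage note: the safe form works because it only ever subtracts a constant from a length that is known to be at least that constant, so no operand is attacker-controlled on the side that could wrap. The same shape applies wherever a length read from the wire is compared against what has actually been received.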