PT-2024-22346 · Eprosima · Eprosima Fast Dds

Desglaneurs · Published 2024-03-20 · Updated 2025-06-30 · CVE-2024-28231

CVSS v3.1: 9.6 (Critical)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

eprosima Fast DDS versions prior to 2.14.0
eprosima Fast DDS versions prior to 2.13.4
eprosima Fast DDS versions prior to 2.12.3
eprosima Fast DDS versions prior to 2.10.4
eprosima Fast DDS versions prior to 2.6.8

Description

The issue is related to a manipulated DATA Submessage that can cause a heap overflow error in the Fast-DDS process, allowing it to be terminated remotely. The payload size in the DATA Submessage packet is declared as uint32_t. When a negative number is input into this variable, it results in an integer overflow, eventually leading to a heap-buffer-overflow and causing the program to terminate.

Recommendations

Update to version 2.14.0 or later to resolve the issue.
Update to version 2.13.4 or later to resolve the issue.
Update to version 2.12.3 or later to resolve the issue.
Update to version 2.10.4 or later to resolve the issue.
Update to version 2.6.8 or later to resolve the issue.
As a temporary workaround, consider validating the payload size variable to prevent negative numbers from being input, until a patch is available.
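The workaround above amounts to bounds-checking the declared payload length before any allocation or copy is driven by it. The following C is an added illustration written for this entry; it is not Fast DDS code and does not reproduce the RTPS wire format. It assumes a constructed layout (a 4-byte little-endian length field followed by the payload) and shows the two checks a receiver needs: rejecting a length whose high bit is set (negative if ever read as int32_t) and rejecting a length that exceeds the bytes actually present, with the comparison arranged so the check itself cannot wrap.

```c
/* Added illustration, not Fast DDS code. Layout is a constructed
 * simplification: [len: uint32_t LE][payload: len bytes]. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>

enum payload_status {
    PAYLOAD_OK = 0,
    PAYLOAD_ERR_TRUNCATED_HEADER,  /* fewer than 4 bytes left for the length field */
    PAYLOAD_ERR_NEGATIVE_LENGTH,   /* high bit set: negative if treated as int32_t */
    PAYLOAD_ERR_EXCEEDS_BUFFER     /* declared length runs past the submessage */
};

/* Reads the length at `offset`, validates it against the bytes present, and on
 * success points *payload/*payload_len at the payload without copying it. */
enum payload_status read_payload(const uint8_t *buf, size_t buf_len, size_t offset,
                                 const uint8_t **payload, size_t *payload_len)
{
    if (buf_len < offset || buf_len - offset < 4)
        return PAYLOAD_ERR_TRUNCATED_HEADER;

    uint32_t declared = (uint32_t)buf[offset]
                      | (uint32_t)buf[offset + 1] << 8
                      | (uint32_t)buf[offset + 2] << 16
                      | (uint32_t)buf[offset + 3] << 24;
    offset += 4;

    /* The advisory's workaround: refuse values that would be negative if the
     * length were ever interpreted as a signed 32-bit integer. */
    if (declared > (uint32_t)INT32_MAX)
        return PAYLOAD_ERR_NEGATIVE_LENGTH;

    /* Compare against the remaining bytes instead of computing offset + declared,
     * so the bounds check cannot itself overflow. */
    if (declared > buf_len - offset)
        return PAYLOAD_ERR_EXCEEDS_BUFFER;

    *payload = buf + offset;
    *payload_len = declared;
    return PAYLOAD_OK;
}

/* Allocates and copies the payload only after validation; NULL on any error. */
uint8_t *copy_payload(const uint8_t *buf, size_t buf_len, size_t offset, size_t *out_len)
{
    const uint8_t *payload;
    size_t payload_len;
    if (read_payload(buf, buf_len, offset, &payload, &payload_len) != PAYLOAD_OK)
        return NULL;
    uint8_t *dst = malloc(payload_len ? payload_len : 1);
    if (dst == NULL)
        return NULL;
    memcpy(dst, payload, payload_len);
    *out_len = payload_len;
    return dst;
}

/* Constructed sample submessage bodies (not captured traffic). */
static const uint8_t SAMPLE_GOOD[]      = {0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c'};
static const uint8_t SAMPLE_NEGATIVE[]  = {0xFF, 0xFF, 0xFF, 0xFF, 'a', 'b', 'c'}; /* -1 as int32_t */
static const uint8_t SAMPLE_TOO_LONG[]  = {0x10, 0x00, 0x00, 0x00, 'a', 'b', 'c'}; /* claims 16, has 3 */
static const uint8_t SAMPLE_SHORT_HDR[] = {0x03, 0x00};

/* Validation result for a whole buffer starting at offset 0. */
enum payload_status check_sample(const uint8_t *buf, size_t buf_len)
{
    const uint8_t *payload;
    size_t payload_len;
    return read_payload(buf, buf_len, 0, &payload, &payload_len);
}

/* Length of the copied payload, or -1 if validation rejected the buffer. */
long copied_length(const uint8_t *buf, size_t buf_len)
{
    size_t n = 0;
    uint8_t *copy = copy_payload(buf, buf_len, 0, &n);
    if (copy == NULL)
        return -1;
    free(copy);
    return (long)n;
}

int main(void)
{
    printf("good:      status=%d copied=%ld\n", check_sample(SAMPLE_GOOD, sizeof SAMPLE_GOOD),
           copied_length(SAMPLE_GOOD, sizeof SAMPLE_GOOD));
    printf("negative:  status=%d\n", check_sample(SAMPLE_NEGATIVE, sizeof SAMPLE_NEGATIVE));
    printf("too long:  status=%d\n", check_sample(SAMPLE_TOO_LONG, sizeof SAMPLE_TOO_LONG));
    printf("short hdr: status=%d\n", check_sample(SAMPLE_SHORT_HDR, sizeof SAMPLE_SHORT_HDR));
    return 0;
}
```

The order of the checks matters: the signed-range test comes first so that a length with the high bit set is rejected by name rather than falling through to the remaining-bytes comparison, which makes the failure easy to log and count on the receiving side.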

Exploit · Fix

Weakness Enumeration

Memory Corruption
Heap Based Buffer Overflow

Related Identifiers

CVE-2024-28231
GHSA-9M2J-QW67-PH4W

Affected Products

Debian
Eprosima Fast Dds