PT-2024-31285 · Open Robotics · Ros2

Published: 2024-12-06 · Updated: 2024-12-13 · CVE-2024-44856

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Open Robotics Robotic Operating System 2 ROS2 navigation2 version v.humble

Description

A NULL pointer dereference was discovered in the nav2 smac planner() component of the affected software. This issue can be exploited via the nav2 smac planner() function.

Recommendations

For version v.humble, as a temporary workaround, consider disabling the nav2 smac planner() function until a patch is available. Restrict access to the nav2 smac planner component to minimize the risk of exploitation.

Exploit

Fix

NULL Pointer Dereference


Weakness Enumeration

Related Identifiers

CVE-2024-44856

Affected Products

Ros2