Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl laser_model_type` .
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Openrobotics
Openrobotics robot Operating System |
|
CPEs | cpe:2.3:a:openrobotics:robot_operating_system:2:humble:*:*:*:*:*:* cpe:2.3:a:openrobotics:robot_operating_system:2:iron:*:*:*:*:*:* |
|
Vendors & Products |
Openrobotics
Openrobotics robot Operating System |
Wed, 11 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-416 | |
Metrics |
cvssV3_1
|
Fri, 06 Dec 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl laser_model_type` . | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-12-06T00:00:00
Updated: 2024-12-11T17:17:13.084Z
Reserved: 2024-06-21T00:00:00
Link: CVE-2024-38924
Vulnrichment
Updated: 2024-12-11T17:13:53.263Z
NVD
Status : Analyzed
Published: 2024-12-06T22:15:19.963
Modified: 2024-12-17T20:28:27.440
Link: CVE-2024-38924
Redhat
No data.