Buffer Overflow Vulnerability in Open Robotics Robotic Operating System 2 Navigation Product
CVE-2024-30963

Currently unrated

Key Information:

Vendor: Open Robotics
Status: Robotic Operating System 2 (ROS2)
Vendor: CVE Published:; 5 December 2024

🔔 Create Open Robotics Vulnerability Alert

What is CVE-2024-30963?

A buffer overflow vulnerability exists in the Open Robotics Robotic Operating System 2, specifically in the navigation2 package. This issue allows a local attacker to exploit the system by executing arbitrary code through specially crafted scripts, potentially compromising the integrity and security of the affected systems. The vulnerability underscores the importance of robust coding practices and regular updates to mitigate such risks.

References

https://github.com/ros-planning/navigation2/issues/4157

https://github.com/GoesM/ROS-CVE-CNVDs

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Mar 27, 2024