CRITICAL🇵🇱 Wersja polska

CVE-2024-38923

CVSS 9.8v3.1pub. 2024-12-06upd. 2024-12-17

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl odom_frame_id` .

🤖 AI Analysis
How it works

The vulnerability is triggered by remotely sending a request to change the dynamic parameter value `/amcl odom_frame_id` in the nav2_amcl process. This operation leads to access of a memory area that has already been freed (use-after-free), which is a memory management error classified as CWE-416. The exploit requires no authentication or user interaction, and the attack vector is network-based, making it particularly dangerous in environments exposed to the network.

Impact

An attacker can achieve arbitrary code execution (RCE), take control of the nav2_amcl process, or destabilize the robotic system, which could consequently threaten the physical safety of the operated robot. It is also possible to compromise the confidentiality, integrity, and availability of the system.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. The fix was processed as part of pull request #4397 in the ros-navigation/navigation2 repository. It is recommended to monitor the official project repository and implement available updates as soon as possible. Until patching, consider isolating ROS2 interfaces from public networks and restricting access to dynamic parameters of nav2_amcl.

Who is affected

Open Robotics Robot Operating System 2 (ROS2) and Nav2 in humble version

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Openrobotics Robot Operating System

    APP
    Openrobotics
    2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-38925CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 — zdalny atak przez zmianę parametru AMCL

CVE-2024-38922CRITICAL9.8PL ✓ten sam produkt

Heap overflow w procesie nav2_amcl systemu ROS2 Nav2

CVE-2024-38921CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 — zdalny atak przez parametr /amcl z_rand

CVE-2024-38924CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 humble — zdalny exploit przez nav2_amcl

CVE-2024-38926CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 humble via proces nav2_amcl