CRITICAL🇵🇱 Wersja polska

CVE-2024-38925

CVSS 9.8v3.1pub. 2024-12-06upd. 2024-12-17

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter`/amcl z_max` .

🤖 AI Analysis
How it works

The vulnerability consists of improper memory management in the nav2_amcl process — after freeing a memory area, it is possible to continue referencing it (use-after-free, CWE-416). An attacker can remotely trigger the error by sending a request to change the value of the dynamic parameter /amcl z_max to the navigation process. The attack vector is network-based, requires no authentication or user interaction, making this vulnerability particularly dangerous in network-exposed environments.

Impact

Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the nav2_amcl process, and consequently take control of the robotic system, violate its confidentiality and integrity, or cause denial of service (DoS).

Mitigation & patch

Apply patches available from the vendor according to the references — the fix is tracked in the navigation2 repository (pull request #4397). It is recommended to update Nav2 to a version containing this fix and restrict network access to ROS2 interfaces only to trusted hosts.

Who is affected

Open Robotics Robot Operating System 2 (ROS2) and Nav2 version humble

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Openrobotics Robot Operating System

    APP
    Openrobotics
    2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-38924CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 humble — zdalny exploit przez nav2_amcl

CVE-2024-38922CRITICAL9.8PL ✓ten sam produkt

Heap overflow w procesie nav2_amcl systemu ROS2 Nav2

CVE-2024-38921CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 — zdalny atak przez parametr /amcl z_rand

CVE-2024-38923CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 humble poprzez proces nav2_amcl

CVE-2024-38926CRITICAL9.8PL ✓ten sam produkt

Use-after-free w ROS2 Nav2 humble via proces nav2_amcl