Lucene search

GitHub_MCVELIST:CVE-2023-46256

HistoryOct 31, 2023 - 3:29 p.m.

CVE-2023-46256 PX4-Autopilot Heap Buffer Overflow Bug

2023-10-3115:29:05

CWE-122

CWE-120

GitHub_M

www.cve.org

px4-autopilot

heap buffer overflow

vulnerability

parser function

sensor device

malicious applications

unsigned int

heap memory

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:L

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

50.1%

JSON

PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of parserbuf_index value checking. A malfunction of the sensor device can cause a heap buffer overflow with leading unexpected drone behavior. Malicious applications can exploit the vulnerability even if device sensor malfunction does not occur. Up to the maximum value of an unsigned int, bytes sized data can be written to the heap memory area. As of time of publication, no fixed version is available.

CNA Affected

[
  {
    "vendor": "PX4",
    "product": "PX4-Autopilot",
    "versions": [
      {
        "version": "<= 1.14.0-rc1",
        "status": "affected"
      }
    ]
  }
]

References

github.com/PX4/PX4-Autopilot/blob/main/src/drivers/distance_sensor/lightware_laser_serial/parser.cpp#L87

github.com/PX4/PX4-Autopilot/security/advisories/GHSA-5hvv-q2r5-rppw