Ubuntu.comUB:CVE-2023-39948CVE-2023-39948
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.2%
eprosima Fast DDS is a C++ implementation of the Data Distribution Service
standard of the Object Management Group. Prior to versions 2.10.0 and
2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast
DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and
2.6.5 contain a patch for this issue.
References
github.com/eProsima/Fast-DDS/issues/3422
github.com/eProsima/Fast-DDS/security/advisories/GHSA-x9pj-vrgf-f68f
launchpad.net/bugs/cve/CVE-2023-39948
nvd.nist.gov/vuln/detail/CVE-2023-39948
security-tracker.debian.org/tracker/CVE-2023-39948
ubuntu.com/security/notices/USN-6306-1
www.cve.org/CVERecord?id=CVE-2023-39948
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.2%