Headline
CVE-2023-39949: Assertion failure in SequenceNumber.h via malformed SPDP packet only when compiled in logging-enabled (Debug) mode · Issue #3236 · eProsima/Fast-DDS
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.
Comments
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Feb 7, 2023
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue eProsima#3236.
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Feb 7, 2023
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue eProsima#3236.
Signed-off-by: Seulbae Kim [email protected]
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Mar 15, 2023
Signed-off-by: Seulbae Kim [email protected]
MiguelCompany pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected]
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
MiguelCompany pushed a commit that referenced this issue
Mar 22, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
Co-authored-by: Seulbae Kim [email protected]
MiguelCompany pushed a commit that referenced this issue
Mar 24, 2023
* Implement a validity check for firstSN (#3274)
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
* Refs #17717: Logging Macro fix
Signed-off-by: Mario Dominguez [email protected]
Signed-off-by: Mario Dominguez [email protected] Co-authored-by: Seulbae Kim [email protected] Co-authored-by: Mario Dominguez [email protected]
JLBuenoLopez-eProsima pushed a commit that referenced this issue
Apr 11, 2023
* Implement a validity check for firstSN (#3274)
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim [email protected]
* fix typo
Signed-off-by: Seulbae Kim [email protected]
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim [email protected]
Signed-off-by: Seulbae Kim [email protected] (cherry picked from commit 3aa3ee0)
* Refs #17717: Logging Macro fix
Signed-off-by: Mario Dominguez [email protected]
Signed-off-by: Mario Dominguez [email protected] Co-authored-by: Seulbae Kim [email protected] Co-authored-by: Mario Dominguez [email protected]
Related news
Ubuntu Security Notice 6306-1 - It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and information exposure. This issue only affected Ubuntu 22.04 LTS. It was discovered that Fast DDS incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash.
Debian Linux Security Advisory 5481-1 - Multiple security issues were discovered in Fast DDS, a C++ implementation of the DDS (Data Distribution Service), which might result in denial of service or potentially the execution of arbitrary code when processing malformed RTPS packets.