Headline
CVE-2023-39949: Assertion failure in SequenceNumber.h via malformed SPDP packet only when compiled in logging-enabled (Debug) mode · Issue #3236 · eProsima/Fast-DDS
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.
Comments
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Feb 7, 2023
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue eProsima#3236.
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Feb 7, 2023
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue eProsima#3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
squizz617 added a commit to squizz617/Fast-DDS that referenced this issue
Mar 15, 2023
Signed-off-by: Seulbae Kim squizz617@gmail.com
MiguelCompany pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
mergify bot pushed a commit that referenced this issue
Mar 16, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
MiguelCompany pushed a commit that referenced this issue
Mar 22, 2023
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
Co-authored-by: Seulbae Kim squizz617@gmail.com
MiguelCompany pushed a commit that referenced this issue
Mar 24, 2023
* Implement a validity check for firstSN (#3274)
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
* Refs #17717: Logging Macro fix
Signed-off-by: Mario Dominguez mariodominguez@eprosima.com
Signed-off-by: Mario Dominguez mariodominguez@eprosima.com Co-authored-by: Seulbae Kim squizz617@gmail.com Co-authored-by: Mario Dominguez mariodominguez@eprosima.com
JLBuenoLopez-eProsima pushed a commit that referenced this issue
Apr 11, 2023
* Implement a validity check for firstSN (#3274)
* Implement a validity check for firstSN
Following 8.3.8.6.3 of DDS-RTPS 2.5. This fixes issue #3236.
Signed-off-by: Seulbae Kim squizz617@gmail.com
* fix typo
Signed-off-by: Seulbae Kim squizz617@gmail.com
* add test input for issue #3236 (pr #3274)
Signed-off-by: Seulbae Kim squizz617@gmail.com
Signed-off-by: Seulbae Kim squizz617@gmail.com (cherry picked from commit 3aa3ee0)
* Refs #17717: Logging Macro fix
Signed-off-by: Mario Dominguez mariodominguez@eprosima.com
Signed-off-by: Mario Dominguez mariodominguez@eprosima.com Co-authored-by: Seulbae Kim squizz617@gmail.com Co-authored-by: Mario Dominguez mariodominguez@eprosima.com
Related news
Ubuntu Security Notice 6306-1 - It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and information exposure. This issue only affected Ubuntu 22.04 LTS. It was discovered that Fast DDS incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash.
Debian Linux Security Advisory 5481-1 - Multiple security issues were discovered in Fast DDS, a C++ implementation of the DDS (Data Distribution Service), which might result in denial of service or potentially the execution of arbitrary code when processing malformed RTPS packets.