CVE-2024-30676

high

Description

A Denial-of-Service (DoS) vulnerability exists in ROS2 Iron Irwini versions where ROS_VERSION is 2 and ROS_PYTHON_VERSION is 3. A malicious user could potentially exploit this vulnerability remotely to crash the ROS2 nodes, thereby causing a denial of service. The flaw allows an attacker to cause unexpected behavior in the operation of ROS2 nodes, which leads to their failure and interrupts the regular operation of the system, thus making it unavailable for its intended users. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability.

References

https://github.com/yashpatelphd/CVE-2024-30676

Details

Source: Mitre, NVD

Published: 2024-04-09

Updated: 2024-04-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

Detections

Analytics