9.8
CVSSv3

CVE-2024-38927

CVSSv4: NA | CVSSv3: 9.8 | CVSSv2: NA | VMScore: 1000 | EPSS: 0.0007 | KEV: Not Included
Published: 06/12/2024 Updated: 17/12/2024

Vulnerability Summary

Use-After-Free Vulnerability in ROS2 Nav2 Via Remote Request

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions have a use-after-free vulnerability. This happens through the nav2_amcl process. It is triggered when someone remotely sends a request to change the dynamic-parameter value of `/amcl do_beamskip`.

Vulnerable Product Search on Vulmon Subscribe to Product

openrobotics robot operating system 2