Category: Open Robotics
Robotic Operating System 2 (ROS2) security vulnerability (CVE-2024-25196)
CVE-2024-25196 is a critical buffer overflow vulnerability discovered in Open Robotics’ Robotic Operating System 2 (ROS2) and the Navigation2 (Nav2) framework, specifically in the Humble version. The issue occurs in the nav2_controller process when it processes .yaml configuration files. A specially crafted .yaml file with excessively large data can cause the allocated buffer to overflow,…