CNNVD-202508-1822 Information
CNNVD ID
CNNVD-202508-1822
Related CVE
- CNNVD Published: 2025-08-15
Description (Chinese)
PX4 Drone Autopilot是PX4 Autopilot开源的一个 PX4 无人机自动驾驶仪。 PX4 Drone Autopilot 1.15.4及之前版本存在资源管理错误漏洞,该漏洞源于MavlinkReceiver::handle_message_serial_control函数对参数_mavlink_shell处理不当,导致释放后重用。
Description (English)
PX4 Drone Autopilot is a PX4 drone autopilot at the PX4 Autopilot source. The PX4 Drone Autopilot 1.15.4 and previous versions contain a resource management error loophole, which stems from the inappropriate handling of parameters mavlink shell by the MavlinkReceiver::handle msage serial control function for the parameter mavlink shell.
Hazard Level
High
Vulnerability Type
资源管理错误
Affected Vendor
PX4 Autopilot
Published
2025-08-15
Last Modified
2026-02-24
References
https://vuldb.com/?id.320081 https://github.com/PX4/PX4-Autopilot/pull/25082 https://github.com/PX4/PX4-Autopilot/issues/25046 https://github.com/PX4/PX4-Autopilot/pull/25082/commits/4395d4f00c49b888f030f5b43e2a779f1fa78708 https://vuldb.com/?submit.624722 https://vuldb.com/?ctiid.320081 https://nvd.nist.gov/vuln/detail/CVE-2025-9020 https://access.redhat.com/security/cve/cve-2025-9020
Patch
https://github.com/PX4/PX4-Autopilot/releases
Share on: