CNNVD-202602-272 Information

CNNVD ID

CNNVD-202602-272

CVE-2025-62601

  • CNNVD Published: 2026-02-03

Description

eProsima Fast DDS is eProsima's C++ implementation of the OMG (Object Management Group) DDS (Data Distribution Service) standard. eProsima Fast DDS versions before 3.4.1, before 3.3.1, and before 2.6.11 contain a security vulnerability: modifying the PID_IDENTITY_TOKEN or PID_PERMISSIONS_TOKEN field in a DATA submessage causes an integer overflow, which can lead to a heap buffer overflow and remote process termination.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

eProsima

Published

2026-02-03

Last Modified

2026-02-24

References

  • https://github.com/eProsima/Fast-DDS/commit/354218514d32beac963ff5c306f1cf159ee37c5f
  • https://github.com/eProsima/Fast-DDS/commit/ced3b6f92d928af1eae77d5fe889878128ad421a
  • https://security-tracker.debian.org/tracker/CVE-2025-62601
  • https://github.com/eProsima/Fast-DDS/commit/a726e6a5daba660418d1f7c05b6f203c17747d2b
  • https://access.redhat.com/security/cve/cve-2025-62601

Patch

https://github.com/eProsima/Fast-DDS/releases
