CNNVD-202602-274 Information
CNNVD ID
CNNVD-202602-274
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Fast-DDS是eProsima开源的一个完整的DDS系统。 Fast-DDS 3.4.1之前版本、3.3.1之前版本和2.6.11之前版本存在安全漏洞,该漏洞源于修改DATA子消息中的PID_IDENTITY_TOKEN或PID_PERMISSIONS_TOKEN字段导致整数溢出,可能引发内存耗尽和远程进程终止。
Description (English)
Fast-DDS is a complete DDS system from the open source eProsima. There is a security loophole in previous versions of Fast-DDS 3.4.1, 3.3.1 and 2.6.11, which stems from the fact that the PID IDENTY TOKEN or PID PERMISSIONS TOKEN field in the modification of DATA submessages leads to an integer spill, which may trigger the depletion of memory and the termination of remote processes.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
eProsima
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/eProsima/Fast-DDS/commit/354218514d32beac963ff5c306f1cf159ee37c5f https://github.com/eProsima/Fast-DDS/commit/ced3b6f92d928af1eae77d5fe889878128ad421a https://security-tracker.debian.org/tracker/CVE-2025-62602 https://github.com/eProsima/Fast-DDS/commit/a726e6a5daba660418d1f7c05b6f203c17747d2b https://access.redhat.com/security/cve/cve-2025-62602
Patch
https://github.com/eProsima/Fast-DDS/releases
Share on: