CVE-2023-50716

Publication date 6 March 2024

Last updated 30 May 2025

Ubuntu priority

Cvss 3 Severity Score

eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely terminated. If an invalid Data_Frag packet is sent, the `Inline_qos, SerializedPayload` member of object `ch` will attempt to release memory without initialization, resulting in a ‘bad-free’ error. Versions 2.13.0, 2.12.2, 2.11.3, 2.10.2, and 2.6.7 fix this issue.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
fastdds	25.04 plucky	Needs evaluation
	24.10 oracular	Needs evaluation
	24.04 LTS noble	Needs evaluation
	23.10 mantic	Ignored end of life, was needs-triage
	22.04 LTS jammy	Needs evaluation
	20.04 LTS focal	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
fastdds	Upstream: https://github.com/eProsima/Fast-DDS/pull/4145/commits/54076f0ef3e598ec88a3a4451a41479abe090ce9 Upstream: https://github.com/eProsima/Fast-DDS/pull/4145/commits/61a73275a8225433a29d4e285ff9905cb7db7cb4

Severity score breakdown

Parameter	Value
Base score	9.6 · Critical
Attack vector	Adjacent
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Changed
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVE-2023-50716

Cvss 3 Severity Score

Status

Patch details

Severity score breakdown

References

Other references