Home > Vulnerability Database > CVE-2023-39949

Mend.io Vulnerability Database

CVE-2023-39949

Good to know:

Date: August 11, 2023

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.

Language: C++

Severity Score

7.5

Related Resources (6)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-39949

Url: https://www.debian.org/security/2023/dsa-5481

Url: https://github.com/eProsima/Fast-DDS/issues/3236

Url: https://github.com/eProsima/Fast-DDS/blob/v2.9.0/src/cpp/rtps/messages/MessageReceiver.cpp#L1059

Url: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-3jv9-j9x3-95cg

Url: https://www.mend.io/vulnerability-database/CVE-2023-39949

Severity Score

7.5

Weakness Type (CWE)

Reachable Assertion

CWE-617

Top Fix

Upgrade Version

Upgrade to version v2.6.5,v2.9.2

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-39949

Good to know:

Date: August 11, 2023

Language: C++

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?