CVE Vulnerabilities

CVE-2024-25197

NULL Pointer Dereference

Published: Feb 20, 2024 | Modified: Apr 02, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Nav2 Opennav 1.1.0 (including) 1.1.17 (including)

Potential Mitigations

References