6.6.7. Fixes Related to Vulnerabilities
6.6.7.1. Fixes related to Connext
This release fixes some potential vulnerabilities, including RTI Issue IDs CORE-12510 and CORE-12752.
6.6.7.2. Fixes related to third-party dependencies
This release fixes some potential vulnerabilities related to third-party dependencies, described below.
6.6.7.2.1. [Critical] Potential crash or leak of sensitive information in Core Libraries XML parser due to vulnerabilities in Expat
The Core Libraries XML parser had a third-party dependency on Expat version 2.4.4, which is known to be affected by a number of publicly disclosed vulnerabilities.
These vulnerabilities have been fixed by upgrading Expat to the latest stable version, 2.4.8. See “Third-Party Software Upgrades” in RTI Connext Core Libraries What’s New.
The impact on Connext applications of using the previous version varied depending on your Connext application configuration:
- With Security (enabling RTPS protection):
  - Exploitable through a compromised local file system containing malicious XML/DTD files.
  - Could lead to arbitrary code execution.
  - CVSS v3.1 Score: 8.4 HIGH
  - CVSS v3.1 Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Without Security:
  - Exploitable through a compromised local file system containing malicious XML/DTD files.
  - Remotely exploitable through malicious RTPS messages.
  - Could lead to arbitrary code execution.
  - CVSS v3.1 Score: 9.8 CRITICAL
  - CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
[RTI Issue ID CORE-12872]
6.6.7.2.2. [Critical] Potential memory corruption when using Zlib compression due to vulnerability in Zlib
The user-data compression feature in the Core Libraries had a third-party dependency on Zlib version 1.2.11, which is known to be affected by a publicly disclosed vulnerability.
This vulnerability has been fixed by upgrading Zlib to the latest stable version, 1.2.12. See “Third-Party Software Upgrades” in RTI Connext Core Libraries What’s New.
The impacts on Connext applications of using the previous version were as follows:
- Exploitable by triggering the compression of a sample containing a malicious payload.
- The application could crash.
- CVSS v3.1 Score: 7.5 HIGH
- CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
[RTI Issue ID CORE-12877]