6.4.12. Fixes Related to Vulnerabilities
6.4.12.1. [Critical] Arbitrary read access while parsing malicious RTPS message *
Arbitrary read access could occur while parsing a malicious RTPS message. This issue has been fixed.
6.4.12.1.1. User Impact without Security
A vulnerability in the Connext application could have resulted in the following:
Arbitrary read access while parsing a malicious RTPS message.
Remotely exploitable.
Potential impact on confidentiality of Connext application.
CVSS Base Score: 8.2 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
6.4.12.1.2. User Impact with Security
Same impact as described in “User Impact without Security,” above.
[RTI Issue ID CORE-13160]
6.4.12.2. [Critical] Out-of-bounds read while parsing malicious RTPS message
An out-of-bounds read could occur while parsing a malicious RTPS message. This issue has been fixed.
6.4.12.2.1. User Impact without Security
A vulnerability in the Connext application could have resulted in the following:
Out-of-bounds read while parsing a malicious RTPS message.
Remotely exploitable.
Potential impact on confidentiality of Connext application.
CVSS Base Score: 6.5 MEDIUM
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4.12.2.2. User Impact with Security
Same impact as described in “User Impact without Security,” above.
[RTI Issue IDs CORE-13240 and CORE-13264]
6.4.12.3. [Critical] Out-of-bounds write while parsing malicious RTPS message
An out-of-bounds write could occur while parsing a malicious RTPS message. This issue has been fixed.
6.4.12.3.1. User Impact without Security
A vulnerability in the Connext application could have resulted in the following:
Out-of-bounds write while parsing a malicious RTPS message.
Remotely exploitable.
Potential impact on integrity of Connext application.
CVSS Base Score: 8.2 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
6.4.12.3.2. User Impact with Security
Same impact as described in “User Impact without Security,” above.
[RTI Issue ID CORE-13279 and CORE-13150]
6.4.12.4. [Critical] Buffer overflow in shared memory if memory was tampered
A buffer overflow occurred when publishing or receiving metadata or data over a tampered shared memory segment. This issue has been fixed.
6.4.12.4.1. User Impact without Security
Exploitable from the same node the Connext application is running (needs access to shared memory segment).
Application crash. Potential impact to the integrity or confidentiality of the Connext application.
CVSS Base Score: 7.8 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.4.12.4.2. User Impact with Security
Same impact as described in “User Impact without Security,” above.
[RTI Issue ID CORE-13300]
6.4.12.5. [Critical] Out-of-bounds read while uncompressing malformed data from malicious RTPS message
An out-of-bounds read occurred while uncompressing malformed data from a malicious RTPS message. This issue has been fixed.
6.4.12.5.1. User Impact without Security
A vulnerability in the Connext application could have resulted in the following:
Out-of-bounds read while uncompressing malformed data from a malicious RTPS message.
Remotely exploitable.
Potential impact on confidentiality of Connext application.
CVSS Base Score: 4.8 MEDIUM
CVSS v3.1 Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4.12.5.2. User Impact with Security
Same impact as described in “User Impact without Security,” above.
[RTI Issue ID CORE-13548]
* This bug does not affect you if you are upgrading from 6.1.x or earlier.