CVE-2025-64438

EPSS 0.03%
Veröffentlicht 03.02.2026 19:32:22
Zuletzt bearbeitet 04.02.2026 16:33:44
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group
). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory (OOM) denial-of-service exists in Fast
-DDS when processing RTPS GAP submessages under RELIABLE QoS. By sending a tiny GAP packet with a huge gap range (`gapList
.base - gapStart`), an attacker drives `StatefulReader::processGapMsg()` into an unbounded loop that inserts millions of s
equence numbers into `WriterProxy::changes_received_` (`std::set`), causing multi-GB heap growth and process termination. 
No authentication is required beyond network reachability to the reader on the DDS domain. In environments without an RSS 
limit (non-ASan / unlimited), memory consumption was observed to rise to ~64 GB. Versions 3.4.1, 3.3.1, and 2.6.11 patch t
he issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellereProsima

≫

Produkt Fast-DDS

Default Statusunaffected

Version < 3.4.1

Version 3.4.0

Status affected

Version < 3.3.1

Version 3.0.0

Status affected

Version < 2.6.11

Version 0

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	1.7	0	0	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://security-tracker.debian.org/tracker/CVE-2025-64438

https://github.com/eProsima/Fast-DDS/commit/0b0cb308eaeeb2175694aa0a0a723106824ce9a7

https://github.com/eProsima/Fast-DDS/commit/71da01b4aea4d937558984f2cf0089f5ba3c871f

https://github.com/eProsima/Fast-DDS/commit/8ca016134dac20b6e30e42b7b73466ef7cdbc213

https://nvd.nist.gov/vuln/detail/CVE-2025-64438

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-64438

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-64438

EUVD