Commit
Our team at @aliasrobotics identified and reported in RVD#2401 the use of unsafe yaml load (aliasrobotics/RVD#2401). After triaging the flaw we detected that it was exploitable and could lead to local (or remote, based on certain common user interaction) code execution. Specifically, the flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in ROS, an attacker could build a malicious payload and execute arbitrary code in Python. A PoC is available, but we have decided not to disclose it for now and until this is mitigated and debs are available. Peer-researched and coded with @ibaiape.