Package: ros-actionlib | Debian Sources

Package: ros-actionlib / 1.11.15-1+deb10u1

Metadata

Package	Version	Patches format
ros-actionlib	1.11.15-1+deb10u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
0001 Add Debian specific SONAME.patch \| (download)	CMakeLists.txt \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	add-debian-specific-soname
0002 Add shebang.patch \| (download)	tools/library.py \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	add shebang
0003 Address RVD 2401.patch \| (download)	tools/library.py \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	address rvd#2401 Our team at @AliasRobotics identified and reported in RVD#2401 the use of unsafe yaml load (https://github.com/aliasrobotics/RVD/issues/2401). After triaging the flaw we detected that it was exploitable and could lead to local (or remote, based on certain common user interaction) code execution. Specifically, the flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and allows for the creation of Python objects. Through this flaw in ROS, an attacker could build a malicious payload and execute arbitrary code in Python. A PoC is available but have decided not to disclose it for now and until this is mitigated and debs are available. Peer-researched and coded with @ibaiape.

Patch

File delta

Description

0001 Add Debian specific SONAME.patch | (download)

CMakeLists.txt | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 add-debian-specific-soname

0002 Add shebang.patch | (download)

tools/library.py | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 add shebang

0003 Address RVD 2401.patch | (download)

tools/library.py | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

address rvd#2401

Our team at @AliasRobotics identified and reported in RVD#2401 the use of
unsafe yaml load (https://github.com/aliasrobotics/RVD/issues/2401).

After triaging the flaw we detected that it was exploitable and could lead to
local (or remote, based on certain common user interaction) code execution.

Specifically, the flaw itself is caused by an unsafe parsing of YAML values which
happens whenever an action message is processed to be sent, and allows for the
creation of Python objects. Through this flaw in ROS, an attacker could build a
malicious payload and execute arbitrary code in Python. A PoC is available but
have decided not to disclose it for now and until this is mitigated and debs are
available.

Peer-researched and coded with @ibaiape.