VYPR
Unrated severityOSV Advisory· Published Feb 3, 2026· Updated Feb 3, 2026

FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE)

CVE-2025-62799

Description

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a single malformed RTPS DATA_FRAG packet where fragmentSize and sampleSize are craft ed to violate internal assumptions. Due to a 4-byte alignment step during fragment metadata initialization, the code write s past the end of the allocated payload buffer, causing immediate crash (DoS) and potentially enabling memory corruption ( RCE risk). Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Eprosima/FastDDSOSV2 versions
    2.0.0-beta, 2.0.0-rc, Discovery-Time_Data_Typing, …+ 1 more
    • (no CPE)range: 2.0.0-beta, 2.0.0-rc, Discovery-Time_Data_Typing, …
    • (no CPE)range: < 3.4.1, < 3.3.1, < 2.6.11

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.