About CVE-2024-38952 on PX4-Autopilot v1.14.3 (27 June 2024)

Preface: The PX4 is a professional autopilot. Developed by world-class developers from industry and academia and supported by an active worldwide community, it powers a variety of vehicles from racing and cargo drones to ground vehicles and submersibles.

Background:  What is needed to control a drone using PX4 flight controller?

-A computer with Internet Access.

-Linux operating system (I am using Ubuntu 14.04 LTS, you can use the operating system you want, but since I am also doing source code development, Linux will make my days a lot easier).

-A PX4 autopilot (Pixhawk, Pixfalcon, HK Pilot 32, Pixracer) with micro usb cable.

-Your drone.

-A pair of telemetry modules (optional).

Vulnerability details: PX4-Autopilot v1[.]14[.]3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics[.]cpp.

Official announcement: For detail, please refer to link –

https://nvd.nist.gov/vuln/detail/cve-2024-38952

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.