CVE-2024-40427

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-40427

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40427.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-40427

Related

GHSA-55wq-2hgm-75m4

Published

2025-01-07T19:15:32.260Z

Modified

2026-02-13T00:40:26.834947Z

Severity

7.9 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute

References

Affected packages

Git / github.com/px4/px4-autopilot

Affected ranges

Type: GIT
Repo: https://github.com/px4/px4-autopilot
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1dacb4cdef2d7145754fc788fa8dc482eed74b40

Affected versions

v1.*

v1.0.0-rc1

v1.0.0-rc2

v1.0.0-rc3

v1.0.0-rc4

v1.0.0beta1

v1.0.0beta2

v1.0.0beta3

v1.0.0rc10

v1.0.0rc11

v1.0.0rc12

v1.0.0rc5

v1.0.0rc6

v1.0.0rc7

v1.0.0rc8

v1.0.0rc9

v1.1.0

v1.1.0beta1

v1.1.0beta2

v1.1.0beta3

v1.1.1

v1.1.2

v1.1.3

v1.10.0-beta1

v1.10.0-beta2

v1.10.0-beta3

v1.10.0-beta4

v1.11.0-beta1

v1.11.0-beta2

v1.11.0-rc1

v1.11.0-rc2

v1.11.0-rc3

v1.12.0

v1.12.0-beta2

v1.12.0-beta3

v1.12.0-beta4

v1.12.0-beta5

v1.12.0-beta6

v1.12.0-rc1

v1.13.0-alpha1

v1.13.0-beta1

v1.14.0

v1.14.0-beta1

v1.14.0-beta2

v1.14.0-rc1

v1.14.0-rc2

v1.14.1

v1.14.2

v1.3.0rc1

v1.3.0rc2

v1.3.0rc3

v1.3.2

v1.4.0rc1

v1.4.0rc2

v1.4.0rc3

v1.4.0rc4

v1.4.1

v1.4.1rc1

v1.4.1rc2

v1.4.1rc3

v1.4.1rc4

v1.4.2

v1.4.3

v1.4.4rc1

v1.5.0

v1.5.1

v1.5.1rc2

v1.5.1rc3

v1.5.1rc4

v1.5.2

v1.6.0-rc2

v1.6.0-rc3

v1.6.0-rc4

v1.6.0rc1

v1.6.2

v1.6.4

v1.6.5

v1.7.0

v1.7.0-rc0

v1.7.0-rc1

v1.7.0-rc2

v1.7.0-rc3

v1.7.0-rc4

v1.7.1

v1.7.2

v1.7.3

v1.7.3beta

v1.7.4beta

v1.8.0

v1.8.0-beta1

v1.8.0-beta2

v1.8.0-rc0

v1.9.0

v1.9.0-alpha

v1.9.0-beta1

v1.9.0-beta2

v1.9.0-beta3

v1.9.0-rc0

v1.9.0-rc1

v1.9.0-rc2

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "platforms/common/pab_manifest.c"
        },
        "source": "https://github.com/px4/px4-autopilot/commit/1dacb4cdef2d7145754fc788fa8dc482eed74b40",
        "digest": {
            "line_hashes": [
                "157146132142752308957149873742910253377",
                "59082236364195314912971724708938662658",
                "338541910886837711629975608912329989201",
                "202999782015411226571919477073664039480",
                "186509899436442657045165536157829037340",
                "221829213383922440545478887973821240428",
                "307161722360320911996163768022204068620",
                "234017315399018528752162204649620708914",
                "87743209943617276210632828902124680625",
                "339726578516982947089581939066382511405",
                "102783325974505956142310018695606120777",
                "215237046469667561749136288509590273038",
                "27509271627405897169748689426685319538",
                "229641774660337380253186060167370135824"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2024-40427-31845479"
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40427.json"