{“lastseen”:””,”description”:”Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group\\n). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory (OOM) denial-of-service exists in Fast\\n-DDS when processing RTPS GAP submessages under RELIABLE QoS. By sending a tiny GAP packet with a huge gap range (`gapList\\n.base – gapStart`), an attacker drives `StatefulReader::processGapMsg()` into an unbounded loop that inserts millions of s\\nequence numbers into `WriterProxy::changes_received_` (`std::set`), causing multi-GB heap growth and process termination. \\nNo authentication is required beyond network reachability to the reader on the DDS domain. In environments without an RSS \\nlimit (non-ASan \/ unlimited), memory consumption was observed to rise to ~64 GB. Versions 3.4.1, 3.3.1, and 2.6.11 patch t\\nhe issue.”,”published”:”2026-02-03T19:32:22.265Z”,”modified”:”2026-02-03T19:32:22.265Z”,”type”:”cve”,”title”:”Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS”,”source”:”GitHub_M”,”references”:”https:\/\/security-tracker.debian.org\/tracker\/CVE-2025-64438\\nhttps:\/\/github.com\/eProsima\/Fast-DDS\/commit\/0b0cb308eaeeb2175694aa0a0a723106824ce9a7\\nhttps:\/\/github.com\/eProsima\/Fast-DDS\/commit\/71da01b4aea4d937558984f2cf0089f5ba3c871f\\nhttps:\/\/github.com\/eProsima\/Fast-DDS\/commit\/8ca016134dac20b6e30e42b7b73466ef7cdbc213″,”id”:”CVE-2025-64438″,”bulletinFamily”:””,”cwe”:[“CWE-835″],”cvelist”:null,”sourceData”:”eProsima Fast-DDS 3.4.0\\neProsima Fast-DDS 3.0.0\\neProsima Fast-DDS 0″,”sourceHref”:””,”cvss”:{“score”:1.7,”severity”:”LOW”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:P\/PR:N\/UI:N\/VC:N\/VI:N\/VA:L\/SC:N\/SI:N\/SA:N\/E:U”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Fast-DDS”,”version”:”3.4.0″,”vendor”:”eProsima”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group\\n). Prior to versions 3.4.1, 3.3.1, and…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,170,12,71,13,7,11,5],"class_list":["post-38839","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-17","tag-exploit","tag-low","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n