CVE-2025-64098
Unknown Unknown - Not Provided
Integer Overflow in Fast DDS DATA Submessage Causes Remote OOM

Publication date: 2026-02-03

Last updated on: 2026-02-18

Assigner: GitHub, Inc.

Description
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory (OOM) condition, resulting in remote termination of Fast-DDS. If t he fields of `PID_IDENTITY_TOKEN` or `PID_PERMISSIONS_TOKEN` in the DATA Submessage are tampered with β€” specifically by ta mpering with the the `vecsize` value read by `readOctetVector` β€” a 32-bit integer overflow can occur, causing `std::vector ::resize` to request an attacker-controlled size and quickly trigger OOM and remote process termination. Versions 3.4.1, 3 .3.1, and 2.6.11 patch the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-18
Generated
2026-06-16
AI Q&A
2026-02-04
EPSS Evaluated
2026-06-14
NVD
CVE-2025-64098
EUVD
EUVD-2025-206667
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
debian debian_linux 11.0
debian debian_linux 12.0
debian debian_linux 13.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

There is no information provided in the available context or resources regarding how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability affects Fast DDS, a C++ implementation of the Data Distribution Service (DDS) standard. When security mode is enabled, an attacker can modify the DATA Submessage within an SPDP packet sent by a publisher. Specifically, tampering with the fields PID_IDENTITY_TOKEN or PID_PERMISSIONS_TOKEN, and manipulating the vecsize value read by readOctetVector, can cause a 32-bit integer overflow.

This overflow leads to std::vector::resize requesting an attacker-controlled size, which quickly triggers an Out-Of-Memory (OOM) condition and causes the remote termination of the Fast DDS process.

The issue is fixed in Fast DDS versions 3.4.1, 3.3.1, and 2.6.11.

Impact Analysis

This vulnerability can cause a denial of service by remotely terminating the Fast DDS process through an Out-Of-Memory condition triggered by an attacker.

Such termination can disrupt communication and data distribution services relying on Fast DDS, potentially impacting applications or systems that depend on it for real-time data exchange.

The overall impact is considered minor based on Debian Security Advisories and bug reports.

Detection Guidance

This vulnerability involves tampering with the DATA Submessage within an SPDP packet sent by a publisher in Fast DDS, causing an Out-Of-Memory condition. Detection would require monitoring network traffic for malformed SPDP packets or unusual memory usage patterns in Fast DDS processes.

Specific commands or tools to detect this vulnerability are not provided in the available resources.

Mitigation Strategies

The immediate mitigation step is to upgrade Fast DDS to version 3.4.1 or later, where the vulnerability has been patched.

Until the patched version is deployed, monitor and restrict network access to Fast DDS services to reduce exposure to potentially malicious SPDP packets.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-64098. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart