CVE-2025-15150 | PX4 PX4-Autopilot up to 1.16.0 mavlink_log_handler.cpp log_entry_from_id stack-based overflow (Issue 26118)

Inserito da Angelo Barbosa | Dic 27, 2025 | CVE

A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. It has been declared as critical. Affected by this issue is the function MavlinkLogHandler::state_listing/MavlinkLogHandler::log_entry_from_id of the file src/modules/mavlink/mavlink_log_handler.cpp. The manipulation results in stack-based buffer overflow.

This vulnerability is identified as CVE-2025-15150. The attack is only possible with local access. There is not any exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2025-15150 | PX4 PX4-Autopilot up to 1.16.0 mavlink_log_handler.cpp log_entry_from_id stack-based overflow (Issue 26118)

Post correlati

CVE-2025-0617 | Trellix HX Console 5.1.1 Data xml entity expansion

CVE-2024-45508 | HTMLDOC up to 1.9.18 ps-pdf.cxx parse_paragraph out-of-bounds write (Issue 528)

CVE-2024-6641 | WP Hardening Plugin up to 1.2.6 on WordPress information disclosure

CVE-2024-0111 | NVIDIA CUDA Toolkit up to 12.6 cuobjdump improper validation of specified quantity in input