cve/2024/CVE-2024-10838.md

### [CVE-2024-10838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10838)
![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Cyclone%20DDS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%200.10.5%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen)

### Description

An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes or cause denial of service conditions.

### POC

#### Reference
- https://github.com/eclipse-cyclonedds/cyclonedds/security/advisories/GHSA-6jj6-w25p-jc42

#### Github
No PoCs found on GitHub currently.
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-10838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10838)`
			`![](https://img.shields.io/static/v1?label=Product&message=Eclipse%20Cyclone%20DDS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=0%3C%200.10.5%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-191%20Integer%20Underflow%20(Wrap%20or%20Wraparound)&color=brighgreen)`

			`### Description`

			`An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes or cause denial of service conditions.`

			`### POC`

			`#### Reference`
			`- https://github.com/eclipse-cyclonedds/cyclonedds/security/advisories/GHSA-6jj6-w25p-jc42`

			`#### Github`
			`No PoCs found on GitHub currently.`