{"id":"CVE-2024-25198","details":"Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.","modified":"2026-03-20T12:34:55.472830Z","published":"2024-02-20T14:15:09.260Z","references":[{"type":"WEB","url":"https://github.com/ros-planning/navigation2/blob/main/nav2_amcl/src/amcl_node.cpp#L331-L344"},{"type":"FIX","url":"https://github.com/ros-planning/navigation2/pull/4068"},{"type":"FIX","url":"https://github.com/ros-planning/navigation2/pull/4070"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ros-navigation/navigation2","events":[{"introduced":"f1d31677121087be3899951a8568ac82e3c76299"},{"last_affected":"0f8fda36ca1b84a840ad9b72a6c71776eefa6790"}],"database_specific":{"versions":[{"introduced":"1.1.0"},{"last_affected":"1.1.17"}]}}],"versions":["1.1.0","1.1.1","1.1.10","1.1.11","1.1.12","1.1.13","1.1.14","1.1.15","1.1.16","1.1.17","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.1.8","1.1.9"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2-humble"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25198.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}]}