Lucene search
HistoryOct 25, 2022 - 5:15 p.m.
CVE-2022-39837
covesa
dlt-daemon
dlt file parser
process crash
validation checks
null pointer dereference
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
26.9%
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
Affected configurations
Node
genividiagnostic_log_and_traceRange≤2.18.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| genivi | diagnostic_log_and_trace | * | cpe:2.3:a:genivi:diagnostic_log_and_trace:*:*:*:*:*:*:*:* |
Related
cnvd
cnvd
Genivia Dlt-daemon Denial of Service Vulnerability
2022-09-29 00:00:00
prion
prion
Null pointer dereference
2022-10-25 17:15:00
osv
osv
CVE-2022-39837
2022-10-25 17:15:56
dlt-daemon - security update
2024-06-27 00:00:00
debiancve
debiancve
CVE-2022-39837
2022-10-25 17:15:56
cve
cve
CVE-2022-39837
2022-10-25 17:15:56
ubuntucve
ubuntucve
CVE-2022-39837
2022-10-25 00:00:00
cvelist
cvelist
CVE-2022-39837
2022-10-24 00:00:00
zdt
zdt
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read Vulnerability
2022-09-28 00:00:00
packetstorm
packetstorm
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
2022-09-27 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3845-1)
2024-07-01 00:00:00
nessus
nessus
Debian dla-3845 : dlt-daemon - security update
2024-06-27 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
26.9%
Related for NVD:CVE-2022-39837