81 matches found
CVE-2022-39836
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte...
CVE-2022-39837
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,...
CVE-2022-39837
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,...
CVE-2022-39837
CVE-2022-39837 affects the Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to version 2.18.8. The issue is a NULL pointer dereference caused by a faulty DLT file parser, and a crafted DLT file could crash the process (local access required). The NVD/NVDC entries show a MEDIUM base score...
CVE-2022-39837
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,...
CVE-2022-39836
An issue was discovered in Connected Vehicle Systems Alliance COVESA dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte...
Genivia Dlt-daemon Buffer Overflow Vulnerability
Dlt-daemon is the DLT communication interface for Genivia's ECU. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A buffer overflow vulnerability exists in Genivia Dlt-daemon 2.18.8 and prior versions, which...
Genivia Dlt-daemon Denial of Service Vulnerability
Dlt-daemon is the DLT communication interface for Genivia's ECU. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A denial of service vulnerability exists in Genivia Dlt-daemon 2.18.8 and prior versions, which...
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read Vulnerability
======================================================================= title: Multiple Memory Corruption Vulnerabilities product: COVESA DLT daemon Diagnostic Log and Trace Connected Vehicle Systems Alliance COVESA, formerly GENIVI vulnerable version: = 2.18.8 fixed version: current master branc...
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Memory Corruption Vulnerabilities product: COVESA DLT daemon Diagnostic Log and Trace Connected Vehicle Systems Alliance COVESA, formerly GENIVI vulnerable...
dlt-daemon 缓冲区错误漏洞
Dlt-daemon is the DLT communication interface for Genivia's ECU. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A buffer overflow vulnerability exists in Genivia Dlt-daemon 2.18.8 and prior versions, which...
dlt-daemon 代码问题漏洞
Dlt-daemon is the DLT communication interface for Genivia's ECU. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A denial of service vulnerability exists in Genivia Dlt-daemon 2.18.8 and prior versions, which...
CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
DEBIAN-CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
Double free
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...
CVE-2022-31291
The CVE-2022-31291 issue affects dlt-daemon (version 2.18.8) in the dlt_config_file_parser.c component, enabling a double-free when processing crafted TCP packets. This is a network‑accessible vulnerability with high impact on availability (per CVSS v3.1). Connected sources corroborate the double...
dlt-daemon 资源管理错误漏洞
The dlt-daemon is the DLT communication interface for GENIVI's ECU. It collects and buffers log messages from one or more DLT users running on the ECU and makes them available to DLT clients upon request. A security vulnerability exists in dlt-daemon version v2.18.8, which stems from the fact tha...
CVE-2022-31291
An issue in dltconfigfileparser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets...