GENIVI Diagnostic Log and Trace 2.4.1

CPE Details

GENIVI Diagnostic Log and Trace 2.4.1
genivi
diagnostic_log_and_trace
2.4.1
2021-02-11
17h39 +00:00
2021-12-21
15h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:genivi:diagnostic_log_and_trace:2.4.1:*:*:*:*:*:*:*

Informations

Vendor

genivi

Product

diagnostic_log_and_trace

Version

2.4.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-39836 2022-10-23 22h00 +00:00 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.
5.5
Medium
CVE-2022-39837 2022-10-23 22h00 +00:00 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
5.5
Medium
CVE-2020-36244 2021-02-09 23h00 +00:00 The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).
9.8
Critical
CVE-2020-29394 2020-11-29 23h00 +00:00 A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).
7.8
High