GENIVI Diagnostic Log and Trace 2.4.0

CPE Details

GENIVI Diagnostic Log and Trace 2.4.0
genivi
diagnostic_log_and_trace
2.4.0
2021-02-11
17h39 +00:00
2021-12-21
15h31 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:genivi:diagnostic_log_and_trace:2.4.0:*:*:*:*:*:*:*

Informations

Vendor

genivi

Product

diagnostic_log_and_trace

Version

2.4.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-39836 2022-10-23 22h00 +00:00 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.
5.5
Moyen
CVE-2022-39837 2022-10-23 22h00 +00:00 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
5.5
Moyen
CVE-2020-36244 2021-02-09 23h00 +00:00 The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).
9.8
Critique
CVE-2020-29394 2020-11-29 23h00 +00:00 A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).
7.8
Haute