Medium severity5.5NVD Advisory· Published Oct 25, 2022· Updated Jun 17, 2026
CVE-2022-39836
CVE-2022-39836
Description
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2.18.8
Patches
Vulnerability mechanics
References
3- sec-consult.com/vulnerability-lab/advisory/multiple-memory-corruption-vulnerabilities-in-covesa-dlt-daemon/nvdExploitPatchThird Party Advisory
- seclists.org/fulldisclosure/2022/Sep/24nvdExploitMailing ListPatchThird Party Advisory
- lists.debian.org/debian-lts-announce/2024/06/msg00021.htmlnvd
News mentions
0No linked articles in our index yet.