VYPR

dlt-daemon

by Covesa

Source repositories

CVEs (5)

  • CVE-2022-39837MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,

  • CVE-2022-39836MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one…

  • CVE-2023-36321HigOct 17, 2023
    risk 0.00cvss 7.5epss 0.01

    Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c.

  • CVE-2023-26257HigFeb 27, 2023
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c.

  • CVE-2022-31291HigJun 16, 2022
    risk 0.00cvss 7.5epss 0.01

    An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.