VYPR

dlt-daemon

by GENIVI

Source repositories

CVEs (2)

  • CVE-2020-36244CriFeb 10, 2021
    risk 0.57cvss 9.8epss 0.04

    The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).

  • CVE-2020-29394HigNov 30, 2020
    risk 0.00cvss 7.8epss 0.02

    A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).