Diagnostic Log And Trace

diagnostic_log_and_trace

Vendor: Genivi • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-39837 1Genivi 1Diagnostic Log And Trace May 7, 2025 Oct 25, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing valida...Show more An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,Show less
CVE-2022-39836 1Genivi 1Diagnostic Log And Trace May 7, 2025 Oct 25, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing valida...Show more An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.Show less
CVE-2022-31291 2Debian Genivi 2Debian Linux Diagnostic Log And Trace Nov 21, 2024 Jun 16, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
CVE-2021-29507 1Genivi 1Diagnostic Log And Trace Nov 21, 2024 May 28, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to...Show more GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail to generate their dlt logs in system. As of time of publication, no patch exists. As a workaround, one may check the integrity of information in configuration file manually.Show less
CVE-2020-36244 2Debian Genivi 2Debian Linux Diagnostic Log And Trace Nov 21, 2024 Feb 10, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to a heap-based buffer overflow that could allow an attacker to remotely execute arbitrary code on the DLT-Daemon (versions prior to 2.18.6).
CVE-2020-29394 2Debian Genivi 2Debian Linux Diagnostic Log And Trace Nov 21, 2024 Nov 30, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of char...Show more A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).Show less