Podatność CVE-2022-39837


Publikacja: 2022-10-25

Opis:
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
T. Weber
27.09.2022

 Referencje:
https://seclists.org/fulldisclosure/2022/Sep/24
https://sec-consult.com/vulnerability-lab/advisory/multiple-memory-corruption-vulnerabilities-in-covesa-dlt-daemon/

Copyright 2024, cxsecurity.com

 

Back to Top