Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one byte.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dlt-daemon 缓冲区错误漏洞
Vulnerability Description
dlt-daemon是GlobalGENIVI社区的ECU的DLT通信接口。它从运行在ECU上的一个或多个DLT用户收集并缓冲日志消息,并根据DLT客户机的请求将它们提供给它们。 dlt-daemon 2.18.8及之前版本存在缓冲区错误漏洞,该漏洞源于DLT文件解析器在转换恶意的DLT文件时,会从堆内存中过度读取一个字节,存在堆缓冲区过度读取问题。
CVSS Information
N/A
Vulnerability Type
N/A