An issue exists in Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to and including 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
genivi diagnostic log and trace |