CVE-2020-29394 — Out-of-bounds Write in Dlt-daemon

CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

7.8HIGHNVD

EPSS

1.4%

top 19.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Covesa Dlt-daemon Debian Dlt-daemon Genivi Diagnostic LOG AND Trace +1 more

Timeline

PublishedNov 30

Latest updateMay 24

Description

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDgenivi/diagnostic_log_and_trace2.18.5

▶debiandebian/dlt-daemon< dlt-daemon 2.18.5-0.3 (bookworm)

▶Debiancovesa/dlt-daemon< 2.18.5-0.3+3

Also affects: Debian Linux 10.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-phgp-jpjx-5mh3: A buffer overflow in the dlt_filter_load function in dlt_common↗2022-05-24

▶

OSV

CVE-2020-29394: A buffer overflow in the dlt_filter_load function in dlt_common↗2020-11-30

▶

📋Vendor Advisories

Debian

CVE-2020-29394: dlt-daemon - A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemo...↗2020

▶