CVE-2021-29507
MEDIUMGENIVI Diagnostic Log and Trace 2.10.0-2.18.6 - Denial of Service via Configuration File
Title source: llmDescription
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail to generate their dlt logs in system. As of time of publication, no patch exists. As a workaround, one may check the integrity of information in configuration file manually.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://github.com/GENIVI/dlt-daemon/security/advisories/GHSA-7cqp-2hqj-mh3f
Scores
CVSS v3
5.7
EPSS
0.0075
EPSS Percentile
50.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
genivi/diagnostic_log_and_trace
2.10.0 - 2.18.6
Published
May 28, 2021
Tracked Since
Feb 18, 2026