CVE-2021-29507

Name of the Vulnerable Software and Affected Versions GENIVI Diagnostic Log and Trace (DLT) versions 2.10.0 through 2.18.6

Description The issue is related to the incorrect handling of special characters in configuration files, which can cause a vulnerable component to crash. This can lead to applications using the configuration file failing to generate their logs. The problem can be exploited by a remote attacker to cause a denial of service. As of the time of publication, no patch exists for this issue.

Recommendations For GENIVI DLT versions 2.10.0 through 2.18.6, as a temporary workaround, one may manually check the integrity of the information in the configuration file to prevent the crash of the vulnerable component. At the moment, there is no information about a newer version that contains a fix for this vulnerability.