PT-2026-36510 · Uds-C

Feng Ning · Published 2026-05-01 · Updated 2026-05-01 · CVE-2026-37536

CVSS v3.1: 8.8 (High)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: miaofng/uds-c versions prior to commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a

Description: A stack buffer overflow exists in the send_diagnostic_request() function. A 6-byte stack buffer, sized by MAX_DIAGNOSTIC_PAYLOAD_SIZE, is the destination of a memcpy of payload_length bytes written at offset 1 + pid_length. Because MAX_UDS_REQUEST_PAYLOAD_LENGTH is 7, the total written size can reach 10 bytes, exceeding the buffer by 4 bytes; payload_length is never bounds-checked against the buffer before the copy.

Recommendations: Update to a version that includes the fix implemented in commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a.
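The bounds check the advisory describes as missing, as a constructed C model added here (not uds-c's own code): required_request_size() computes the 1 + pid_length + payload_length total and build_diagnostic_request() refuses any request that would not fit the 6-byte buffer. The constant names and values are the advisory's; the request layout and the function name build_diagnostic_request are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values are those quoted in the advisory; the request layout below
 * (one mode byte, pid_length PID bytes, then the payload) is a constructed
 * model, not uds-c's own code. */
#define MAX_DIAGNOSTIC_PAYLOAD_SIZE    6
#define MAX_UDS_REQUEST_PAYLOAD_LENGTH 7

/* Bytes a request occupies: 1 mode byte + PID bytes + payload bytes.
 * This is the total the vulnerable code never compared to the buffer. */
static size_t required_request_size(size_t pid_length, size_t payload_length)
{
    return 1 + pid_length + payload_length;
}

/* Hardened builder (hypothetical name): writes the request into the
 * 6-byte buffer only when it fits; returns bytes written, or 0 on reject. */
static size_t build_diagnostic_request(uint8_t mode,
                                       const uint8_t *pid, size_t pid_length,
                                       const uint8_t *payload, size_t payload_length,
                                       uint8_t out[MAX_DIAGNOSTIC_PAYLOAD_SIZE])
{
    if (payload_length > MAX_UDS_REQUEST_PAYLOAD_LENGTH)
        return 0;                               /* protocol limit */
    size_t need = required_request_size(pid_length, payload_length);
    if (need > MAX_DIAGNOSTIC_PAYLOAD_SIZE)
        return 0;                               /* the missing bounds check */
    out[0] = mode;
    memcpy(out + 1, pid, pid_length);
    memcpy(out + 1 + pid_length, payload, payload_length);
    return need;
}

int main(void)
{
    uint8_t buf[MAX_DIAGNOSTIC_PAYLOAD_SIZE];
    const uint8_t pid[2] = {0x01, 0x02};                         /* constructed */
    const uint8_t payload[MAX_UDS_REQUEST_PAYLOAD_LENGTH] = {0}; /* 7 bytes */
    /* 1 + 2 + 7 = 10 bytes, 4 past the 6-byte buffer: the request is refused */
    printf("need %zu bytes, wrote %zu\n",
           required_request_size(2, 7),
           build_diagnostic_request(0x22, pid, 2, payload, 7, buf));
    return 0;
}
```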

Fix

Weakness Enumeration: Stack Overflow

Related Identifiers: CVE-2026-37536

Affected Products: Uds-C