Home

Description

EN DE

A vulnerability was found in AVL-DiTEST-DiagDev libdoip 1.0.0. It has been rated as problematic. This issue affects the function DoIPConnection::reactOnReceivedTcpMessage of the file DoIPConnection.cpp. The manipulation leads to null pointer dereference.

Eine Schwachstelle wurde in AVL-DiTEST-DiagDev libdoip 1.0.0 ausgemacht. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion DoIPConnection::reactOnReceivedTcpMessage der Datei DoIPConnection.cpp. Dank der Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden.

PUBLISHED Reserved 2024-11-21 | Published 2024-11-21 | Updated 2024-11-21 | Assigner VulDB




MEDIUM: 5.1CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
LOW: 3.5CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
LOW: 3.5CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2.3AV:A/AC:M/Au:S/C:N/I:N/A:P

Problem types

NULL Pointer Dereference

Denial of Service

Product status

1.0.0
affected

Timeline

2024-11-21:Advisory disclosed
2024-11-21:VulDB entry created
2024-11-21:VulDB entry last update

Credits

susu199 (VulDB User) reporter

References

vuldb.com/?id.285659 (VDB-285659 | AVL-DiTEST-DiagDev libdoip DoIPConnection.cpp reactOnReceivedTcpMessage null pointer dereference) vdb-entry technical-description

vuldb.com/?ctiid.285659 (VDB-285659 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.443175 (Submit #443175 | AVL-DiTEST-DiagDev libdoip libdoip==1.0.0 NULL Pointer Dereference) third-party-advisory

github.com/AVL-DiTEST-DiagDev/libdoip/issues/11 issue-tracking

cve.org (CVE-2024-11588)

nvd.nist.gov (CVE-2024-11588)

Download JSON