VDB
CVE-2021-29507
CVE-2021-29507
PUBLISHED
GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interface. In versions of GENIVI DLT between 2.10.0 and 2.18.6, a configuration file containing the special characters could cause a vulnerable component to crash. All the applications which are using the configuration file could fail to generate their dlt logs in system. As of time of publication, no patch exists. As a workaround, one may check the integrity of information in configuration file manually.
EPSS 0.26% · 49.9th percentile
Risk Scores
EPSS Score
0.26%
49.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | dlt-daemon | 0, 2.18.4-0.1 |
| Ubuntu:22.04:LTS | dlt-daemon | 2.18.6-2, 0 |
| Ubuntu:25.10 | dlt-daemon | 2.18.10-12, 0, 2.18.10-10 |
| Ubuntu:24.04:LTS | dlt-daemon | 0, 2.18.10-5, 2.18.10-7 |
Exploit Intelligence
- https://github.com/GENIVI/dlt-daemon/security/advisories/GHSA-7cqp-2hqj-mh3f (circl)
- index.html (github-poc)
- index.html (github-poc)
- index.html (github-poc)
- index.html (github-poc)
- index.html (github-poc)
Timeline
- May 28, 2021 CVE Published
- May 29, 2021 EPSS Score
- Jun 2, 2021 EPSS Score
- Jun 8, 2021 EPSS Score
- Sep 30, 2021 EPSS Score
- Dec 1, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 31, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 2, 2022 EPSS Score
- Jun 2, 2022 EPSS Score
- Aug 3, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-29507 third-party-advisory
- https://github.com/GENIVI/dlt-daemon/security/advisories/GHSA-7cqp-2hqj-mh3f third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-29507 third-party-advisory