2024-11-22
Platform: AVL-DiTEST-DiagDev libdoipVersion: 1.0.0Vulnerability: Null Pointer Dereference in DoIPConnection::reactOnReceivedTcpMessageSeverity: MediumDate: November 21, 2024 (Published by NIST)
What Undercode Says:
A vulnerability (CVE-2024-11588) has been identified in AVL-DiTEST-DiagDev libdoip version 1.0.0. This vulnerability affects the DoIPConnection::reactOnReceivedTcpMessage function and can lead to a program crash due to a null pointer dereference issue.
Here’s a breakdown of the details:
Affected Software: AVL-DiTEST-DiagDev libdoip 1.0.0
Vulnerability Type: Null Pointer Dereference (CWE-476)
Severity: Medium (CVSS v3.1: AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
Impact: Potential program crash and denial-of-service (DoS)
Exploit Availability: Unknown
Recommendations:
Upgrade to a patched version of AVL-DiTEST-DiagDev libdoip if available.
Monitor for updates and advisories from the software vendor.
Implement additional security measures to mitigate potential DoS attacks.
Additional Notes:
This vulnerability was discovered and reported by VulDB.
There is no publicly available exploit for this vulnerability at this time.
It’s important to stay informed about security vulnerabilities and take appropriate action to mitigate risks.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help