216.73.217.98

CVE-2026-37537

· Published 01/05/2026 17:16 · Modified 01/05/2026 20:16

Labels: CVE-2026-37537 2026-05-01CVE-2026-37537CWE-190[email protected]

Essential information

Published
01/05/2026 17:16
Modified
01/05/2026 20:16
Author
Creator
CVSS
8.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CVSS metrics

Description

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8_t index = data[0] - 1. When data[0] (sequence number from CAN frame) is 0, index underflows to 255. Subsequent write at tp_dt->data[255*7 + i-1] reaches offset 1791, exceeding the MAX_TP_DT buffer (1785 bytes) by 6 bytes.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
collin80 / open-sae-j1939 cpe:2.3:a:collin80:open-sae-j1939:*:*:*:*:*:*:*:*

References