rpm package
opensuse/connman&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/connman&distro=openSUSE%20Tumbleweed
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-28488 | — | < 1.42-1.1 | 1.42-1.1 | Apr 12, 2023 | client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process. | ||
| CVE-2022-32293 | — | < 1.41-4.1 | 1.41-4.1 | Aug 3, 2022 | In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. | ||
| CVE-2022-32292 | — | < 1.41-4.1 | 1.41-4.1 | Aug 3, 2022 | In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. | ||
| CVE-2022-23098 | — | < 1.41-1.1 | 1.41-1.1 | Jan 28, 2022 | An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received. | ||
| CVE-2022-23097 | — | < 1.41-1.1 | 1.41-1.1 | Jan 28, 2022 | An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. | ||
| CVE-2021-33833 | — | < 1.40-2.2 | 1.40-2.2 | Jun 9, 2021 | ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA). | ||
| CVE-2021-26676 | — | < 1.40-2.2 | 1.40-2.2 | Feb 9, 2021 | gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. | ||
| CVE-2021-26675 | — | < 1.40-2.2 | 1.40-2.2 | Feb 9, 2021 | A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. | ||
| CVE-2017-12865 | Cri | 9.8 | < 1.40-2.2 | 1.40-2.2 | Aug 29, 2017 | Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. |
- CVE-2023-28488Apr 12, 2023affected < 1.42-1.1fixed 1.42-1.1
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.
- CVE-2022-32293Aug 3, 2022affected < 1.41-4.1fixed 1.41-4.1
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
- CVE-2022-32292Aug 3, 2022affected < 1.41-4.1fixed 1.41-4.1
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
- CVE-2022-23098Jan 28, 2022affected < 1.41-1.1fixed 1.41-1.1
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
- CVE-2022-23097Jan 28, 2022affected < 1.41-1.1fixed 1.41-1.1
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
- CVE-2021-33833Jun 9, 2021affected < 1.40-2.2fixed 1.40-2.2
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
- CVE-2021-26676Feb 9, 2021affected < 1.40-2.2fixed 1.40-2.2
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
- CVE-2021-26675Feb 9, 2021affected < 1.40-2.2fixed 1.40-2.2
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
- affected < 1.40-2.2fixed 1.40-2.2
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.