ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | connman | < 1.36-2.2 | connman_1.36-2.2_all.deb |
Debian | 11 | all | connman | < 1.36-2.2 | connman_1.36-2.2_all.deb |
Debian | 10 | all | connman | < 1.36-2.1~deb10u2 | connman_1.36-2.1~deb10u2_all.deb |
Debian | 999 | all | connman | < 1.36-2.2 | connman_1.36-2.2_all.deb |
Debian | 13 | all | connman | < 1.36-2.2 | connman_1.36-2.2_all.deb |