29 matches found
Astra Linux - уязвимость в connman
A issue was discovered in the DNS proxy of Connman through version 1.40. The TCP server reply implementation creates an infinite loop if no data is received...
Astra Linux - уязвимость в connman
The client.c file in gdhcp within ConnMan, as of version 1.41, can be exploited by network-adjacent attackers who operate a crafted DHCP server. This exploitation can lead to a stack-based buffer overflow and a denial of service attack, resulting in the termination of the connman process...
EUVD-2017-4397
Malware in sbrugna...
EUVD-2012-2313
Malware in sbrugna...
EUVD-2012-2315
Malware in sbrugna...
EUVD-2025-10687
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-32366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and...
CVE-2025-32743
In ConnMan through 1.44, the lookup string in nsresolv in dnsproxy.c can be NULL or an empty string when the TC Truncated bit is set in a DNS response. This allows attackers to cause a denial of service application crash or possibly execute arbitrary code, because those lookup values lead to...
DEBIAN-CVE-2025-32743
In ConnMan through 1.44, the lookup string in nsresolv in dnsproxy.c can be NULL or an empty string when the TC Truncated bit is set in a DNS response. This allows attackers to cause a denial of service application crash or possibly execute arbitrary code, because those lookup values lead to...
Linux ConnMan 安全漏洞
Linux ConnMan is an application from the Linux community in the United States. It provides Intel's Modular Network Connection Manager. A security vulnerability exists in Linux ConnMan versions 1.44 and earlier, which stems from a TC bit setting in the DNS response resulting in a denial of service...
CVE-2025-32743
In ConnMan through 1.44, the lookup string in nsresolv in dnsproxy.c can be NULL or an empty string when the TC Truncated bit is set in a DNS response. This allows attackers to cause a denial of service application crash or possibly execute arbitrary code, because those lookup values lead to...
CVE-2025-32366
A flaw was found in ConnMan's DNS proxy component. This vulnerability allows an attacker to cause a buffer overread or memory corruption via a crafted DNS response due to improper validation of the RDLENGTH field before using it in a memcpy operation. Mitigation Mitigation for this issue is eithe...
CVE-2025-32366
In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and memcpyresponse+offset,end,rdlen without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining...
CVE-2025-32366
In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and memcpyresponse+offset,end,rdlen without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining...
PT-2025-15079 · Connman +1 · Connman +1
Name of the Vulnerable Software and Affected Versions: ConnMan versions 1.44 and earlier Description: The issue is related to a memcpy length that depends on an RR RDLENGTH value in the parse rr function in dnsproxy.c. This could potentially lead to issues due to the direct use of...
Security update for connman (important)
openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2023:0370-1 Rating: important References: 1210395 Cross-References: CVE-2023-28488 CVSS scores: CVE-2023-28488 NVD : 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP4...
SUSE CVE-2023-28488
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...
CVE-2023-28488
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...
Connman 缓冲区错误漏洞
Connman is a connection manager. A security vulnerability exists in ConnMan version 1.41 and earlier. An attacker could exploit the vulnerability to cause a buffer overflow on the stack and a denial of service, which could terminate the connman process...
SUSE CVE-2022-32292
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code...