Astra Linux - уязвимость в connman

In ConnMan version 1.41, a man-in-the-middle attack against a WISPR HTTP query could cause a use-after-free error in WISPR handling, resulting in crashes or code execution...

GLSA-202310-21 : ConnMan: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-21 ConnMan: Multiple Vulnerabilities - An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an...

Debian dla-3144 : connman - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3144 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected]...

openSUSE 15 Security Update : connman (openSUSE-SU-2022:10134-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10134-1 advisory. - In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer...

Security update for connman (critical)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2022:10134-1 Rating: critical References: 1200189 1200190 Cross-References: CVE-2022-32292 CVE-2022-32293 CVSS scores: CVE-2022-32292 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-32293 NVD : 8.1...

Updated connman packages fix security vulnerability

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...

Use-After-Free

connman is vulnerable to use-after-free. A WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to an application crash or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

DEBIAN-CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

Code injection

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

openSUSE 15 Security Update : connman (openSUSE-SU-2022:10076-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10076-1 advisory. - In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer...

CVE-2022-32293

CVE-2022-32293 : In ConnMan up to 1.41, a man-in-the-middle attack against a WISPR HTTP query can trigger a use-after-free in WISPR handling, causing crashes or code execution. Affected products include ConnMan’s WISPR component; multiple advisories describe this alongside related CVEs. Remediati...

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel ConnMan version 1.41, which stems from the existence of a post-release reuse issue with WISPR, and can be exploited by an attack...

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...