Veracode Vulnerability DatabaseVERACODE:40332Out-of-bounds Write
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.5%
connman is vulnerable to Out-of-bounds Write. This vulnerability allows a network-adjacent attacker to utilize ‘client.c’ within ‘gdhcp’ to carry out a stack based buffer overflow or denial of service which terminates the connman process.
| CPE | Name | Operator | Version |
|---|---|---|---|
| connman:sid | eq | 1.36-2+b1 | |
| connman:sid | eq | 1.36-2+b1 | |
| connman:bullseye | eq | 1.36-2+b1 | |
| connman:buster | eq | 1.36-2.1~deb10u2 | |
| connman:buster | eq | 1.36-2 |
References
Related
6.5 Medium
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.5%