ID CVE-2021-33833
Summary ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
References
Vulnerable Configurations
  • cpe:2.3:a:intel:connection_manager:1.30:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.30:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.31:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.31:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.32:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.32:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.33:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.33:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.34:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.34:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.35:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.35:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.36:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.36:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.37:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.37:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.38:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.38:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:connection_manager:1.39:*:*:*:*:*:*:*
    cpe:2.3:a:intel:connection_manager:1.39:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 12-07-2021 - 05:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
Last major update 12-07-2021 - 05:15
Published 09-06-2021 - 18:15
Last modified 12-07-2021 - 05:15
Back to Top