Vulnerabilites related to intel - connman
var-202208-0314
Vulnerability from variot
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. Intel's connman Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability.The specific flaw exists within the received_data method. Crafted data in a HTTP response can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the ConnMan process.This vulnerability was demonstrated on a Tesla Model 3 during Pwn2Own 2022 Vancouver competition.
For the stable distribution (bullseye), these problems have been fixed in version 1.36-2.2+deb11u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6 YJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi trvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF hBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee dzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8 l7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3 23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC CvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I OpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz A5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx 1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ= =qzlf -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833)
It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-21
https://security.gentoo.org/
Severity: High Title: ConnMan: Multiple Vulnerabilities Date: October 31, 2023 Bugs: #832028, #863425 ID: 202310-21
Synopsis
Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
Package Vulnerable Unaffected
net-misc/connman < 1.42_pre20220801 >= 1.42_pre20220801
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
References
[ 1 ] CVE-2022-23096 https://nvd.nist.gov/vuln/detail/CVE-2022-23096 [ 2 ] CVE-2022-23097 https://nvd.nist.gov/vuln/detail/CVE-2022-23097 [ 3 ] CVE-2022-23098 https://nvd.nist.gov/vuln/detail/CVE-2022-23098 [ 4 ] CVE-2022-32292 https://nvd.nist.gov/vuln/detail/CVE-2022-32292 [ 5 ] CVE-2022-32293 https://nvd.nist.gov/vuln/detail/CVE-2022-32293
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-21
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202208-0314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.41"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.7,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David BERARD and Vincent DEHORS from @Synacktiv",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
}
],
"trust": 0.7
},
"cve": "CVE-2022-32292",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-32292",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-32292",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-32292",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-32292",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-32292",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2022-32292",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202208-2050",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. Intel\u0027s connman Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability.The specific flaw exists within the received_data method. Crafted data in a HTTP response can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the ConnMan process.This vulnerability was demonstrated on a Tesla Model 3 during Pwn2Own 2022 Vancouver competition. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.36-2.2+deb11u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6\nYJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi\ntrvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF\nhBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee\ndzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8\nl7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3\n23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC\nCvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I\nOpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz\nA5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx\n1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ=\n=qzlf\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-26675, CVE-2021-33833)\n\nIt was discovered that ConnMan could be made to leak sensitive information\nvia the gdhcp component. A remote attacker could possibly use this issue\nto obtain information for further exploitation. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: ConnMan: Multiple Vulnerabilities\n Date: October 31, 2023\n Bugs: #832028, #863425\n ID: 202310-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in ConnMan, the worst of\nwhich can lead to remote code execution. \n\nBackground\n=========\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n---------------- ------------------ -------------------\nnet-misc/connman \u003c 1.42_pre20220801 \u003e= 1.42_pre20220801\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.42_pre20220801\"\n\nReferences\n=========\n[ 1 ] CVE-2022-23096\n https://nvd.nist.gov/vuln/detail/CVE-2022-23096\n[ 2 ] CVE-2022-23097\n https://nvd.nist.gov/vuln/detail/CVE-2022-23097\n[ 3 ] CVE-2022-23098\n https://nvd.nist.gov/vuln/detail/CVE-2022-23098\n[ 4 ] CVE-2022-32292\n https://nvd.nist.gov/vuln/detail/CVE-2022-32292\n[ 5 ] CVE-2022-32293\n https://nvd.nist.gov/vuln/detail/CVE-2022-32293\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-21\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-32292"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "VULHUB",
"id": "VHN-424310"
},
{
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-32292",
"trust": 4.4
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-17448",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-1187",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169386",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4634",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-424310",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-32292",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175441",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "VULHUB",
"id": "VHN-424310"
},
{
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"id": "VAR-202208-0314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-424310"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:11:15.001000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ConnMan has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd"
},
{
"title": "Linux kernel Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=203236"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-424310"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200189"
},
{
"trust": 2.5,
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"trust": 1.6,
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi@monom.org/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"trust": 1.0,
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/"
},
{
"trust": 0.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-two-vulnerabilities-38973"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169386/debian-security-advisory-5231-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-32292/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4634"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23096"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "VULHUB",
"id": "VHN-424310"
},
{
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"db": "VULHUB",
"id": "VHN-424310"
},
{
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULHUB",
"id": "VHN-424310"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"date": "2023-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"date": "2022-09-28T19:12:00",
"db": "PACKETSTORM",
"id": "169386"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2023-10-31T13:14:45",
"db": "PACKETSTORM",
"id": "175441"
},
{
"date": "2022-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"date": "2022-08-03T14:15:08.620000",
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-1187"
},
{
"date": "2022-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-424310"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULMON",
"id": "CVE-2022-32292"
},
{
"date": "2023-09-14T08:11:00",
"db": "JVNDB",
"id": "JVNDB-2022-014094"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202208-2050"
},
{
"date": "2023-12-21T18:51:27.990000",
"db": "NVD",
"id": "CVE-2022-32292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel\u0027s \u00a0connman\u00a0 Out-of-Bounds Write Vulnerability in Other Vendors\u0027 Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014094"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202208-2050"
}
],
"trust": 0.6
}
}
var-202102-1243
Vulnerability from variot
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. ConnMan Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-29
https://security.gentoo.org/
Severity: Normal Title: ConnMan: Multiple vulnerabilities Date: July 12, 2021 Bugs: #769491, #795084 ID: 202107-29
Synopsis
A buffer overflow in ConnMan might allow remote attacker(s) to execute arbitrary code.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/connman < 1.40 >= 1.40
Description
Multiple vulnerabilities have been discovered in connman. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.40"
References
[ 1 ] CVE-2021-26675 https://nvd.nist.gov/vuln/detail/CVE-2021-26675 [ 2 ] CVE-2021-26676 https://nvd.nist.gov/vuln/detail/CVE-2021-26676 [ 3 ] CVE-2021-33833 https://nvd.nist.gov/vuln/detail/CVE-2021-33833
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202107-29
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
For the stable distribution (buster), these problems have been fixed in version 1.36-2.1~deb10u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAhl9pfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0ToGg//e9ZijJG7S7wkyc4I+q+1Bn1kPikXh4osJ9wgNSUKdcsIGWpjAvnW+X1H WwT5OI+7BeuAK1uAvGIuDK5s6cPsaa8NUKLsAwgKKcwCJcN74wLKls+3j7vt4nQA ynenKrwYBxxdfq9oUFPIvMhWggZ5a1LFqbgLeXnQc36IGAJSpkCMogJpOIQqc3Ed Xi7I7TKk3l2rxsvNxD+qPaRp+0p81trEcX7M81yhEBpg1q2UeEKLrDWkHxT1+l4N +ZHGT71zS5vq7pUrwWURlcy4mwOvNG0VA7BSu/j2mCAH2iUiRMEYOnZWEZTT9rS0 woDFAtU0Yp/zE6FhnXK0iwPyTfv9lJaOLpf30QnT3rc14t1sGhs460Hzv6XUbgjA Z89M5J+ImESPr3S1P7Tw39giD8LRsuXCqX8Hh3blz8astlrp9G+vmH/oN7U/yo9j uaGuwytV5aJuDDyl6tiMPz4nl537fxawdn95Mm9R67F1glESkEUob8ua2PRJDDCl 5ZPkTRwrIMyf2yS9ggvml2AsJbKUEs7pHxuzSpf9f/0ac5vBSwlXgLiEsq91uDxj TkEoXa/UKXyjDqnp4I/ctiwAopcp51Dvmsi2eiLKKxlS8XHWUZxVTSToqcGbj3OU isUqzGXEpvRgvC7u7oFS7FvSX+rBR0+H4iXq8MwCZvgfLldCyLQ= =5+D+ -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833)
It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202102-1243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "connman",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "1.39"
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "163473"
}
],
"trust": 0.1
},
"cve": "CVE-2021-26675",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2021-26675",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-385824",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-26675",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-26675",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-26675",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-26675",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-745",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-385824",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code. ConnMan Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202107-29\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ConnMan: Multiple vulnerabilities\n Date: July 12, 2021\n Bugs: #769491, #795084\n ID: 202107-29\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA buffer overflow in ConnMan might allow remote attacker(s) to execute\narbitrary code. \n\nBackground\n==========\n\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/connman \u003c 1.40 \u003e= 1.40\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in connman. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.40\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-26675\n https://nvd.nist.gov/vuln/detail/CVE-2021-26675\n[ 2 ] CVE-2021-26676\n https://nvd.nist.gov/vuln/detail/CVE-2021-26676\n[ 3 ] CVE-2021-33833\n https://nvd.nist.gov/vuln/detail/CVE-2021-33833\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202107-29\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2021 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.36-2.1~deb10u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAhl9pfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0ToGg//e9ZijJG7S7wkyc4I+q+1Bn1kPikXh4osJ9wgNSUKdcsIGWpjAvnW+X1H\nWwT5OI+7BeuAK1uAvGIuDK5s6cPsaa8NUKLsAwgKKcwCJcN74wLKls+3j7vt4nQA\nynenKrwYBxxdfq9oUFPIvMhWggZ5a1LFqbgLeXnQc36IGAJSpkCMogJpOIQqc3Ed\nXi7I7TKk3l2rxsvNxD+qPaRp+0p81trEcX7M81yhEBpg1q2UeEKLrDWkHxT1+l4N\n+ZHGT71zS5vq7pUrwWURlcy4mwOvNG0VA7BSu/j2mCAH2iUiRMEYOnZWEZTT9rS0\nwoDFAtU0Yp/zE6FhnXK0iwPyTfv9lJaOLpf30QnT3rc14t1sGhs460Hzv6XUbgjA\nZ89M5J+ImESPr3S1P7Tw39giD8LRsuXCqX8Hh3blz8astlrp9G+vmH/oN7U/yo9j\nuaGuwytV5aJuDDyl6tiMPz4nl537fxawdn95Mm9R67F1glESkEUob8ua2PRJDDCl\n5ZPkTRwrIMyf2yS9ggvml2AsJbKUEs7pHxuzSpf9f/0ac5vBSwlXgLiEsq91uDxj\nTkEoXa/UKXyjDqnp4I/ctiwAopcp51Dvmsi2eiLKKxlS8XHWUZxVTSToqcGbj3OU\nisUqzGXEpvRgvC7u7oFS7FvSX+rBR0+H4iXq8MwCZvgfLldCyLQ=\n=5+D+\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-26675, CVE-2021-33833)\n\nIt was discovered that ConnMan could be made to leak sensitive information\nvia the gdhcp component. A remote attacker could possibly use this issue\nto obtain information for further exploitation. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-26675"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-26675",
"trust": 2.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/02/08/2",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "163473",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0511",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021071202",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-385824",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168994",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"id": "VAR-202102-1243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-385824"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:00:13.112000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DSA-4847-1 openSUSE\u00a0projectBugzilla",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"title": "ConnMan Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=142575"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"trust": 1.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"trust": 1.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/changelog"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"trust": 1.7,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"trust": 1.7,
"url": "https://kunnamon.io/tbone/"
},
{
"trust": 1.7,
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-information-disclosure-34514"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163473/gentoo-linux-security-advisory-202107-29.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0511"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021071202"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33833"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-385824"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-385824"
},
{
"date": "2021-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"date": "2021-07-13T15:09:13",
"db": "PACKETSTORM",
"id": "163473"
},
{
"date": "2021-02-28T20:12:00",
"db": "PACKETSTORM",
"id": "168994"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"date": "2021-02-09T16:15:12.453000",
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-385824"
},
{
"date": "2021-11-01T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-003675"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-745"
},
{
"date": "2024-11-21T05:56:39.123000",
"db": "NVD",
"id": "CVE-2021-26675"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-745"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ConnMan\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003675"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
var-202201-0522
Vulnerability from variot
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received. Connman Exists in an infinite loop vulnerability.Service operation interruption (DoS) It may be in a state.
For the stable distribution (bullseye), these problems have been fixed in version 1.36-2.2+deb11u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6 YJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi trvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF hBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee dzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8 l7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3 23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC CvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I OpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz A5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx 1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ= =qzlf -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833)
It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-21
https://security.gentoo.org/
Severity: High Title: ConnMan: Multiple Vulnerabilities Date: October 31, 2023 Bugs: #832028, #863425 ID: 202310-21
Synopsis
Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
Package Vulnerable Unaffected
net-misc/connman < 1.42_pre20220801 >= 1.42_pre20220801
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
References
[ 1 ] CVE-2022-23096 https://nvd.nist.gov/vuln/detail/CVE-2022-23096 [ 2 ] CVE-2022-23097 https://nvd.nist.gov/vuln/detail/CVE-2022-23097 [ 3 ] CVE-2022-23098 https://nvd.nist.gov/vuln/detail/CVE-2022-23098 [ 4 ] CVE-2022-32292 https://nvd.nist.gov/vuln/detail/CVE-2022-32292 [ 5 ] CVE-2022-32293 https://nvd.nist.gov/vuln/detail/CVE-2022-32293
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-21
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0522",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.40"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "169386"
}
],
"trust": 0.1
},
"cve": "CVE-2022-23098",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-23098",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-411975",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-23098",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-23098",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-23098",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-23098",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-2597",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-411975",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-23098",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received. Connman Exists in an infinite loop vulnerability.Service operation interruption (DoS) It may be in a state. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.36-2.2+deb11u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6\nYJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi\ntrvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF\nhBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee\ndzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8\nl7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3\n23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC\nCvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I\nOpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz\nA5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx\n1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ=\n=qzlf\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-26675, CVE-2021-33833)\n\nIt was discovered that ConnMan could be made to leak sensitive information\nvia the gdhcp component. A remote attacker could possibly use this issue\nto obtain information for further exploitation. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: ConnMan: Multiple Vulnerabilities\n Date: October 31, 2023\n Bugs: #832028, #863425\n ID: 202310-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in ConnMan, the worst of\nwhich can lead to remote code execution. \n\nBackground\n=========\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n---------------- ------------------ -------------------\nnet-misc/connman \u003c 1.42_pre20220801 \u003e= 1.42_pre20220801\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.42_pre20220801\"\n\nReferences\n=========\n[ 1 ] CVE-2022-23096\n https://nvd.nist.gov/vuln/detail/CVE-2022-23096\n[ 2 ] CVE-2022-23097\n https://nvd.nist.gov/vuln/detail/CVE-2022-23097\n[ 3 ] CVE-2022-23098\n https://nvd.nist.gov/vuln/detail/CVE-2022-23098\n[ 4 ] CVE-2022-32292\n https://nvd.nist.gov/vuln/detail/CVE-2022-32292\n[ 5 ] CVE-2022-32293\n https://nvd.nist.gov/vuln/detail/CVE-2022-32293\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-21\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-23098",
"trust": 3.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/01/25/1",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169386",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4634",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-411975",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-23098",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175441",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"id": "VAR-202201-0522",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411975"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:45:22.329000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[SECURITY]\u00a0[DLA\u00a02915-1]\u00a0connman\u00a0security\u00a0update Debian\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"title": "Connman Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=180421"
},
{
"title": "Debian CVElist Bug Report Logs: connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fbf02d2c0058862b318dcda12f0708ac"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-23098"
},
{
"title": "Debian Security Advisories: DSA-5231-1 connman -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a35ea7e493a595256b90605cc6e8cb63"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-835",
"trust": 1.1
},
{
"problemtype": "infinite loop (CWE-835) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"trust": 1.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169386/debian-security-advisory-5231-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-three-vulnerabilities-37503"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4634"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23096"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/835.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004935"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411975"
},
{
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-411975"
},
{
"date": "2022-01-28T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"date": "2023-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"date": "2022-09-28T19:12:00",
"db": "PACKETSTORM",
"id": "169386"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2023-10-31T13:14:45",
"db": "PACKETSTORM",
"id": "175441"
},
{
"date": "2022-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"date": "2022-01-28T16:15:07.990000",
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-411975"
},
{
"date": "2023-12-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23098"
},
{
"date": "2023-04-04T07:26:00",
"db": "JVNDB",
"id": "JVNDB-2022-004291"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2597"
},
{
"date": "2024-11-21T06:47:59.270000",
"db": "NVD",
"id": "CVE-2022-23098"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Connman\u00a0 Infinite loop vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004291"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-2597"
}
],
"trust": 0.6
}
}
var-201708-1104
Vulnerability from variot
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. ConnMan Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. connman is prone to a stack-based buffer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. connman 1.34 and prior are vulnerable. ConnMan is a tool for network management on Tizen systems. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Debian Security Advisory DSA-3956-1 security@debian.org https://www.debian.org/security/ Luciano Bello August 27, 2017 https://www.debian.org/security/faq
Package : connman CVE ID : CVE-2017-12865 Debian Bug : 872844
Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan, a network manager for embedded devices.
For the oldstable distribution (jessie), this problem has been fixed in version 1.21-1.2+deb8u1.
For the stable distribution (stretch), this problem has been fixed in version 1.33-3+deb9u1.
For the testing distribution (buster), this problem has been fixed in version 1.33-3+deb9u1.
For the unstable distribution (sid), this problem has been fixed in version 1.35-1.
We recommend that you upgrade your connman packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEayzFlnvRveqeWJspbsLe9o/+N3QFAlmjRVgACgkQbsLe9o/+ N3T3/Q//VQRbz2KIvb/nJA79D9HsmJiV5MCs8odlsPfV+796eENsgepO3elsdm75 vo5FHTORoN+tc2cw9zOkpgR/tTNYVFq/adcchecjW6E8Ruh57AwT1PaDDStaTger ra9tk3QBVOWBkhdZmag8RxNt99EK9o1pVn0zu2cdNWwWR+0DJFLOTn+icvaX9a00 E53GXX/CCMEYw0Smo3t3D0HuR6NLLDFbyV1Cf/fte29Hdt7Ni0aXUZsjyqlND7LI mF1m4OcouoGhS/QFBEkIsduMs07Merc7ZHQ93z/RMtqQzo9Ev/7qBsgGG7TokTif m+HmH6x6OJ+QIVca2VK7i3pKmWu+zLtF5zixG/U0ED5nVoeDE1vnHmLlQilHOzi/ Dxmb6gPNQvbLYE3Hr2ytgL4ICmADVeUlpVfEc4km17G8fiTCaCY5vAlKRUy209bE d9izLn1u3J2i1gb3IsJ1qxfIG3kxy6xnXXED0sGZXCp61HU2SaXTiK76B5MLiBHP wQN335oSsRIbORSsCvfcqVUAtLs9BLqV3fQ57wb7nM5qH7vfHndcGXc/lVNb6eJe 3PjOIyDUU58K987FnvbN+FSWGuv5cfbsQLZwfICU5s95r2EAoS06tk2/iGU76Wwy zjmu3on4C2men6TxIaWCOamkBR+igB9MvRIRD2wRIUkg5mudmf8= =p3fr -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201812-02
https://security.gentoo.org/
Severity: Normal Title: ConnMan: Multiple vulnerabilities Date: December 02, 2018 Bugs: #628566, #630028 ID: 201812-02
Synopsis
Multiple vulnerabilities have been found in ConnMan, the worst of which could result in the remote execution of code.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/connman < 1.35-r1 >= 1.35-r1
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.35-r1"
References
[ 1 ] CVE-2017-12865 https://nvd.nist.gov/vuln/detail/CVE-2017-12865 [ 2 ] CVE-2017-5716 https://nvd.nist.gov/vuln/detail/CVE-2017-5716
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201812-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1104",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.34"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.9,
"vendor": "connman",
"version": "1.34"
},
{
"model": "connman",
"scope": "lte",
"trust": 0.8,
"vendor": "connman",
"version": "1.34"
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "8.0"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.33"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.32"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.31"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.30"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.3"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.20"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.10"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "1.0"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.90"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.80"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.70"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.60"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.50"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.40"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.30"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.20"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.10"
},
{
"model": "connman",
"scope": "eq",
"trust": 0.3,
"vendor": "connman",
"version": "0.1"
},
{
"model": "connman",
"scope": "ne",
"trust": 0.3,
"vendor": "connman",
"version": "1.35"
}
],
"sources": [
{
"db": "BID",
"id": "100498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:connman_project:connman",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:debian:debian_linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Sampaio",
"sources": [
{
"db": "BID",
"id": "100498"
}
],
"trust": 0.3
},
"cve": "CVE-2017-12865",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12865",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-103430",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12865",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-12865",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12865",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-12865",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-622",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-103430",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in \"dnsproxy.c\" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the \"name\" variable. ConnMan Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. connman is prone to a stack-based buffer overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. \nconnman 1.34 and prior are vulnerable. ConnMan is a tool for network management on Tizen systems. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3956-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nAugust 27, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : connman\nCVE ID : CVE-2017-12865\nDebian Bug : 872844\n\nSecurity consultants in NRI Secure Technologies discovered a stack\noverflow vulnerability in ConnMan, a network manager for embedded\ndevices. \n\nFor the oldstable distribution (jessie), this problem has been fixed\nin version 1.21-1.2+deb8u1. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 1.33-3+deb9u1. \n\nFor the testing distribution (buster), this problem has been fixed\nin version 1.33-3+deb9u1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.35-1. \n\nWe recommend that you upgrade your connman packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEayzFlnvRveqeWJspbsLe9o/+N3QFAlmjRVgACgkQbsLe9o/+\nN3T3/Q//VQRbz2KIvb/nJA79D9HsmJiV5MCs8odlsPfV+796eENsgepO3elsdm75\nvo5FHTORoN+tc2cw9zOkpgR/tTNYVFq/adcchecjW6E8Ruh57AwT1PaDDStaTger\nra9tk3QBVOWBkhdZmag8RxNt99EK9o1pVn0zu2cdNWwWR+0DJFLOTn+icvaX9a00\nE53GXX/CCMEYw0Smo3t3D0HuR6NLLDFbyV1Cf/fte29Hdt7Ni0aXUZsjyqlND7LI\nmF1m4OcouoGhS/QFBEkIsduMs07Merc7ZHQ93z/RMtqQzo9Ev/7qBsgGG7TokTif\nm+HmH6x6OJ+QIVca2VK7i3pKmWu+zLtF5zixG/U0ED5nVoeDE1vnHmLlQilHOzi/\nDxmb6gPNQvbLYE3Hr2ytgL4ICmADVeUlpVfEc4km17G8fiTCaCY5vAlKRUy209bE\nd9izLn1u3J2i1gb3IsJ1qxfIG3kxy6xnXXED0sGZXCp61HU2SaXTiK76B5MLiBHP\nwQN335oSsRIbORSsCvfcqVUAtLs9BLqV3fQ57wb7nM5qH7vfHndcGXc/lVNb6eJe\n3PjOIyDUU58K987FnvbN+FSWGuv5cfbsQLZwfICU5s95r2EAoS06tk2/iGU76Wwy\nzjmu3on4C2men6TxIaWCOamkBR+igB9MvRIRD2wRIUkg5mudmf8=\n=p3fr\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201812-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ConnMan: Multiple vulnerabilities\n Date: December 02, 2018\n Bugs: #628566, #630028\n ID: 201812-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in ConnMan, the worst of which\ncould result in the remote execution of code. \n\nBackground\n==========\n\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/connman \u003c 1.35-r1 \u003e= 1.35-r1 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.35-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-12865\n https://nvd.nist.gov/vuln/detail/CVE-2017-12865\n[ 2 ] CVE-2017-5716\n https://nvd.nist.gov/vuln/detail/CVE-2017-5716\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201812-02\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12865"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "BID",
"id": "100498"
},
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "PACKETSTORM",
"id": "143931"
},
{
"db": "PACKETSTORM",
"id": "150558"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12865",
"trust": 3.0
},
{
"db": "BID",
"id": "100498",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "150558",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "143931",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103430",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "BID",
"id": "100498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "PACKETSTORM",
"id": "143931"
},
{
"db": "PACKETSTORM",
"id": "150558"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"id": "VAR-201708-1104",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-103430"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:17:48.542000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ConnMan Project Connection Manager Daemon Buffer Overflow",
"trust": 0.8,
"url": "https://01.org/security/advisories/intel-oss-10001"
},
{
"title": "DSA-3956",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3956"
},
{
"title": "dnsproxy: Fix crash on malformed DNS response",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"title": "ConnMan Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111156"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"trust": 2.0,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100498"
},
{
"trust": 1.7,
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2017/dsa-3956"
},
{
"trust": 1.7,
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12865"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12865"
},
{
"trust": 0.3,
"url": "http://connman.net/"
},
{
"trust": 0.3,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=ebc8fda495ce285505b77e70c5b3fd45dfd3ab63"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5716"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "BID",
"id": "100498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "PACKETSTORM",
"id": "143931"
},
{
"db": "PACKETSTORM",
"id": "150558"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-103430"
},
{
"db": "BID",
"id": "100498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "PACKETSTORM",
"id": "143931"
},
{
"db": "PACKETSTORM",
"id": "150558"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-103430"
},
{
"date": "2017-08-21T00:00:00",
"db": "BID",
"id": "100498"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"date": "2017-08-28T23:23:00",
"db": "PACKETSTORM",
"id": "143931"
},
{
"date": "2018-12-03T21:05:54",
"db": "PACKETSTORM",
"id": "150558"
},
{
"date": "2017-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"date": "2017-08-29T16:29:00.217000",
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-103430"
},
{
"date": "2017-08-21T00:00:00",
"db": "BID",
"id": "100498"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"date": "2020-03-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-622"
},
{
"date": "2024-11-21T03:10:20.010000",
"db": "NVD",
"id": "CVE-2017-12865"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "150558"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ConnMan Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007631"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-622"
}
],
"trust": 0.6
}
}
var-202201-0428
Vulnerability from variot
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. Connman Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Connman is a connection manager. A security vulnerability exists in Connman's DNS proxy due to forward_dns_reply mishandling strnlen calls, resulting in an out-of-bounds read. No detailed vulnerability details were provided at this time.
For the stable distribution (bullseye), these problems have been fixed in version 1.36-2.2+deb11u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6 YJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi trvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF hBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee dzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8 l7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3 23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC CvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I OpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz A5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx 1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ= =qzlf -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833)
It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-21
https://security.gentoo.org/
Severity: High Title: ConnMan: Multiple Vulnerabilities Date: October 31, 2023 Bugs: #832028, #863425 ID: 202310-21
Synopsis
Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
Package Vulnerable Unaffected
net-misc/connman < 1.42_pre20220801 >= 1.42_pre20220801
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
References
[ 1 ] CVE-2022-23096 https://nvd.nist.gov/vuln/detail/CVE-2022-23096 [ 2 ] CVE-2022-23097 https://nvd.nist.gov/vuln/detail/CVE-2022-23097 [ 3 ] CVE-2022-23098 https://nvd.nist.gov/vuln/detail/CVE-2022-23098 [ 4 ] CVE-2022-32292 https://nvd.nist.gov/vuln/detail/CVE-2022-32292 [ 5 ] CVE-2022-32293 https://nvd.nist.gov/vuln/detail/CVE-2022-32293
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-21
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0428",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.40"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "169386"
}
],
"trust": 0.1
},
"cve": "CVE-2022-23097",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2022-23097",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-411974",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-23097",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-23097",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-23097",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-23097",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-2596",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-411974",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-23097",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. Connman Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Connman is a connection manager. A security vulnerability exists in Connman\u0027s DNS proxy due to forward_dns_reply mishandling strnlen calls, resulting in an out-of-bounds read. No detailed vulnerability details were provided at this time. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.36-2.2+deb11u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6\nYJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi\ntrvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF\nhBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee\ndzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8\nl7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3\n23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC\nCvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I\nOpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz\nA5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx\n1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ=\n=qzlf\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-26675, CVE-2021-33833)\n\nIt was discovered that ConnMan could be made to leak sensitive information\nvia the gdhcp component. A remote attacker could possibly use this issue\nto obtain information for further exploitation. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: ConnMan: Multiple Vulnerabilities\n Date: October 31, 2023\n Bugs: #832028, #863425\n ID: 202310-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in ConnMan, the worst of\nwhich can lead to remote code execution. \n\nBackground\n=========\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n---------------- ------------------ -------------------\nnet-misc/connman \u003c 1.42_pre20220801 \u003e= 1.42_pre20220801\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.42_pre20220801\"\n\nReferences\n=========\n[ 1 ] CVE-2022-23096\n https://nvd.nist.gov/vuln/detail/CVE-2022-23096\n[ 2 ] CVE-2022-23097\n https://nvd.nist.gov/vuln/detail/CVE-2022-23097\n[ 3 ] CVE-2022-23098\n https://nvd.nist.gov/vuln/detail/CVE-2022-23098\n[ 4 ] CVE-2022-32292\n https://nvd.nist.gov/vuln/detail/CVE-2022-32292\n[ 5 ] CVE-2022-32293\n https://nvd.nist.gov/vuln/detail/CVE-2022-32293\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-21\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-23097",
"trust": 3.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/01/25/1",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169386",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4634",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-09131",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-411974",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-23097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175441",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"id": "VAR-202201-0428",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411974"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:11:14.915000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[SECURITY]\u00a0[DLA\u00a02915-1]\u00a0connman\u00a0security\u00a0update Debian\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"title": "Connman Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=180420"
},
{
"title": "Debian CVElist Bug Report Logs: connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fbf02d2c0058862b318dcda12f0708ac"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-23097"
},
{
"title": "Debian Security Advisories: DSA-5231-1 connman -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a35ea7e493a595256b90605cc6e8cb63"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"trust": 1.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169386/debian-security-advisory-5231-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-three-vulnerabilities-37503"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4634"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23096"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004935"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411974"
},
{
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-411974"
},
{
"date": "2022-01-28T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"date": "2023-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"date": "2022-09-28T19:12:00",
"db": "PACKETSTORM",
"id": "169386"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2023-10-31T13:14:45",
"db": "PACKETSTORM",
"id": "175441"
},
{
"date": "2022-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"date": "2022-01-28T16:15:07.943000",
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-411974"
},
{
"date": "2023-12-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23097"
},
{
"date": "2023-04-04T07:38:00",
"db": "JVNDB",
"id": "JVNDB-2022-004292"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2596"
},
{
"date": "2024-11-21T06:47:59.120000",
"db": "NVD",
"id": "CVE-2022-23097"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Connman\u00a0 Out-of-bounds read vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004292"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-2596"
}
],
"trust": 0.6
}
}
var-202208-0281
Vulnerability from variot
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. Intel's connman Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ConnMan. Authentication is not required to exploit this vulnerability.The specific flaw exists within the wispr_portal_web_result method. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the ConnMan process. This vulnerability was demonstrated on a Tesla Model 3 during Pwn2Own 2022 Vancouver competition.
For the stable distribution (bullseye), these problems have been fixed in version 1.36-2.2+deb11u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6 YJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi trvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF hBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee dzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8 l7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3 23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC CvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I OpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz A5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx 1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ= =qzlf -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26675, CVE-2021-33833)
It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-21
https://security.gentoo.org/
Severity: High Title: ConnMan: Multiple Vulnerabilities Date: October 31, 2023 Bugs: #832028, #863425 ID: 202310-21
Synopsis
Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
Package Vulnerable Unaffected
net-misc/connman < 1.42_pre20220801 >= 1.42_pre20220801
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
References
[ 1 ] CVE-2022-23096 https://nvd.nist.gov/vuln/detail/CVE-2022-23096 [ 2 ] CVE-2022-23097 https://nvd.nist.gov/vuln/detail/CVE-2022-23097 [ 3 ] CVE-2022-23098 https://nvd.nist.gov/vuln/detail/CVE-2022-23098 [ 4 ] CVE-2022-32292 https://nvd.nist.gov/vuln/detail/CVE-2022-32292 [ 5 ] CVE-2022-32293 https://nvd.nist.gov/vuln/detail/CVE-2022-32293
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-21
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202208-0281",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.41"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.7,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David BERARD and Vincent DEHORS from @Synacktiv",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
}
],
"trust": 0.7
},
"cve": "CVE-2022-32293",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2022-32293",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-32293",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-32293",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-32293",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-32293",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2022-32293",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202208-2051",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution. Intel\u0027s connman Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ConnMan. Authentication is not required to exploit this vulnerability.The specific flaw exists within the wispr_portal_web_result method. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the ConnMan process. This vulnerability was demonstrated on a Tesla Model 3 during Pwn2Own 2022 Vancouver competition. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.36-2.2+deb11u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6\nYJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi\ntrvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF\nhBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee\ndzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8\nl7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3\n23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC\nCvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I\nOpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz\nA5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx\n1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ=\n=qzlf\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-26675, CVE-2021-33833)\n\nIt was discovered that ConnMan could be made to leak sensitive information\nvia the gdhcp component. A remote attacker could possibly use this issue\nto obtain information for further exploitation. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: ConnMan: Multiple Vulnerabilities\n Date: October 31, 2023\n Bugs: #832028, #863425\n ID: 202310-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in ConnMan, the worst of\nwhich can lead to remote code execution. \n\nBackground\n=========\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n---------------- ------------------ -------------------\nnet-misc/connman \u003c 1.42_pre20220801 \u003e= 1.42_pre20220801\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.42_pre20220801\"\n\nReferences\n=========\n[ 1 ] CVE-2022-23096\n https://nvd.nist.gov/vuln/detail/CVE-2022-23096\n[ 2 ] CVE-2022-23097\n https://nvd.nist.gov/vuln/detail/CVE-2022-23097\n[ 3 ] CVE-2022-23098\n https://nvd.nist.gov/vuln/detail/CVE-2022-23098\n[ 4 ] CVE-2022-32292\n https://nvd.nist.gov/vuln/detail/CVE-2022-32292\n[ 5 ] CVE-2022-32293\n https://nvd.nist.gov/vuln/detail/CVE-2022-32293\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-21\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-32293"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "VULHUB",
"id": "VHN-424311"
},
{
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-32293",
"trust": 4.4
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-17447",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-1186",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169386",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4634",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-424311",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-32293",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175441",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "VULHUB",
"id": "VHN-424311"
},
{
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"id": "VAR-202208-0281",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-424311"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:50:34.997000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "",
"trust": 0.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757chttps://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a"
},
{
"title": "Linux kernel Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=203237"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-424311"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
},
{
"trust": 2.5,
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"trust": 1.6,
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi@monom.org/"
},
{
"trust": 1.6,
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi@monom.org/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"trust": 1.0,
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/"
},
{
"trust": 1.0,
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/"
},
{
"trust": 0.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757chttps://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-two-vulnerabilities-38973"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169386/debian-security-advisory-5231-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-32293/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4634"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23096"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "VULHUB",
"id": "VHN-424311"
},
{
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"db": "VULHUB",
"id": "VHN-424311"
},
{
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULHUB",
"id": "VHN-424311"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"date": "2023-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"date": "2022-09-28T19:12:00",
"db": "PACKETSTORM",
"id": "169386"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2023-10-31T13:14:45",
"db": "PACKETSTORM",
"id": "175441"
},
{
"date": "2022-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"date": "2022-08-03T14:15:08.667000",
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-20T00:00:00",
"db": "ZDI",
"id": "ZDI-22-1186"
},
{
"date": "2022-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-424311"
},
{
"date": "2022-08-03T00:00:00",
"db": "VULMON",
"id": "CVE-2022-32293"
},
{
"date": "2023-09-14T08:11:00",
"db": "JVNDB",
"id": "JVNDB-2022-014093"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202208-2051"
},
{
"date": "2023-12-21T18:51:04.713000",
"db": "NVD",
"id": "CVE-2022-32293"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel\u0027s \u00a0connman\u00a0 Vulnerability related to use of freed memory in products from other vendors",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-014093"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202208-2051"
}
],
"trust": 0.6
}
}
var-202201-0402
Vulnerability from variot
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. Connman Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state.
For the stable distribution (bullseye), these problems have been fixed in version 1.36-2.2+deb11u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6 YJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi trvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF hBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee dzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8 l7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3 23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC CvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I OpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz A5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx 1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ= =qzlf -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-21
https://security.gentoo.org/
Severity: High Title: ConnMan: Multiple Vulnerabilities Date: October 31, 2023 Bugs: #832028, #863425 ID: 202310-21
Synopsis
Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
Package Vulnerable Unaffected
net-misc/connman < 1.42_pre20220801 >= 1.42_pre20220801
Description
Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
References
[ 1 ] CVE-2022-23096 https://nvd.nist.gov/vuln/detail/CVE-2022-23096 [ 2 ] CVE-2022-23097 https://nvd.nist.gov/vuln/detail/CVE-2022-23097 [ 3 ] CVE-2022-23098 https://nvd.nist.gov/vuln/detail/CVE-2022-23098 [ 4 ] CVE-2022-32292 https://nvd.nist.gov/vuln/detail/CVE-2022-32292 [ 5 ] CVE-2022-32293 https://nvd.nist.gov/vuln/detail/CVE-2022-32293
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-21
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0402",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "connman",
"scope": "lte",
"trust": 1.0,
"vendor": "intel",
"version": "1.40"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "169386"
}
],
"trust": 0.1
},
"cve": "CVE-2022-23096",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2022-23096",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-411973",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-23096",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-23096",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-23096",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2022-23096",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-23096",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-2595",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-411973",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-23096",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. Connman Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.36-2.2+deb11u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmMl6e9fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TRZA//QR46xvu66PMnDmLubjco12vyMnfonbCrOI+ZrgQl1OHtIB1/i1/sX/e6\nYJfjJpMjIM+9tbGP6wUSPYli4ZjW7fYGipaXJYFYH/Mxq8zleLO7YeO5RGtl7isi\ntrvOcJ0N8Og+KQZHymgxI9zSiAA1cA7VjWtdZjj7izt7fm2VN/xO7Yksecm053tF\nhBBffflPnOXL/BA75kQ6zK+l4GJKCoqE67zWqirpoFOIzbvQsOInfkG4WBh3fxee\ndzSjLJ5UjmEkiJC9la9y6TnO64b1nvNkp1akGbqVHmxQrrxcS5QoWvAa4K3mNVI8\nl7+lTLxqsodLv6io71pI6UQbvLiyeOBKBycGxbFvnX38GiuO2qjNGrrKUfi77Lj3\n23zwbKPiOl3bcBoH6/zhJmJsCR6rREN0uhULnEDMiiEQNVqbTw2RekFSNnSiprhC\nCvUhaioqcNQ0Km7Uhd23kIdpBcM5lZh3hwSXWuGxpEXyyBAzorn+1rh5l/Zu0x8I\nOpAbtgG4EaiB4crHBnDE8Tc2ZW/VmilnJF/syrVxL8zx78ZulK+fNmTwNWTV+wRz\nA5xHsvmR1D0FpBr2uKQ0bq6uDWxajd5kNOmboNnha3UL+EftjgIEW3f3Y4fgHeWx\n1io1lrYjacfCEm3uf+NnAjACpwnQzWh41EIJpIDBhI09KB+LDeQ=\n=qzlf\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-21\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: ConnMan: Multiple Vulnerabilities\n Date: October 31, 2023\n Bugs: #832028, #863425\n ID: 202310-21\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in ConnMan, the worst of\nwhich can lead to remote code execution. \n\nBackground\n=========\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n---------------- ------------------ -------------------\nnet-misc/connman \u003c 1.42_pre20220801 \u003e= 1.42_pre20220801\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in ConnMan. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.42_pre20220801\"\n\nReferences\n=========\n[ 1 ] CVE-2022-23096\n https://nvd.nist.gov/vuln/detail/CVE-2022-23096\n[ 2 ] CVE-2022-23097\n https://nvd.nist.gov/vuln/detail/CVE-2022-23097\n[ 3 ] CVE-2022-23098\n https://nvd.nist.gov/vuln/detail/CVE-2022-23098\n[ 4 ] CVE-2022-32292\n https://nvd.nist.gov/vuln/detail/CVE-2022-32292\n[ 5 ] CVE-2022-32293\n https://nvd.nist.gov/vuln/detail/CVE-2022-32293\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-21\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "175441"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-23096",
"trust": 3.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/01/25/1",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169386",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4634",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-411973",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-23096",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175441",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"id": "VAR-202201-0402",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411973"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:57:40.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[SECURITY]\u00a0[DLA\u00a02915-1]\u00a0connman\u00a0security\u00a0update Debian\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"title": "Connman Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=180419"
},
{
"title": "Debian CVElist Bug Report Logs: connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fbf02d2c0058862b318dcda12f0708ac"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-23096"
},
{
"title": "Debian Security Advisories: DSA-5231-1 connman -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a35ea7e493a595256b90605cc6e8cb63"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"trust": 1.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23096"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169386/debian-security-advisory-5231-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-three-vulnerabilities-37503"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4634"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004935"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411973"
},
{
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"db": "PACKETSTORM",
"id": "169386"
},
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-411973"
},
{
"date": "2022-01-28T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"date": "2023-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"date": "2022-09-28T19:12:00",
"db": "PACKETSTORM",
"id": "169386"
},
{
"date": "2023-10-31T13:14:45",
"db": "PACKETSTORM",
"id": "175441"
},
{
"date": "2022-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"date": "2022-01-28T16:15:07.897000",
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-411973"
},
{
"date": "2023-12-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23096"
},
{
"date": "2023-04-04T07:58:00",
"db": "JVNDB",
"id": "JVNDB-2022-004293"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-2595"
},
{
"date": "2024-11-21T06:47:58.880000",
"db": "NVD",
"id": "CVE-2022-23096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "175441"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Connman\u00a0 Out-of-bounds read vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004293"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-2595"
}
],
"trust": 0.6
}
}
var-202102-1244
Vulnerability from variot
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. ConnMan Contains an unspecified vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-29
https://security.gentoo.org/
Severity: Normal Title: ConnMan: Multiple vulnerabilities Date: July 12, 2021 Bugs: #769491, #795084 ID: 202107-29
Synopsis
A buffer overflow in ConnMan might allow remote attacker(s) to execute arbitrary code.
Background
ConnMan provides a daemon for managing Internet connections.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/connman < 1.40 >= 1.40
Description
Multiple vulnerabilities have been discovered in connman. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/connman-1.40"
References
[ 1 ] CVE-2021-26675 https://nvd.nist.gov/vuln/detail/CVE-2021-26675 [ 2 ] CVE-2021-26676 https://nvd.nist.gov/vuln/detail/CVE-2021-26676 [ 3 ] CVE-2021-33833 https://nvd.nist.gov/vuln/detail/CVE-2021-33833
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202107-29
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
.
For the stable distribution (buster), these problems have been fixed in version 1.36-2.1~deb10u1.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to its security tracker page at: https://security-tracker.debian.org/tracker/connman
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAhl9pfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0ToGg//e9ZijJG7S7wkyc4I+q+1Bn1kPikXh4osJ9wgNSUKdcsIGWpjAvnW+X1H WwT5OI+7BeuAK1uAvGIuDK5s6cPsaa8NUKLsAwgKKcwCJcN74wLKls+3j7vt4nQA ynenKrwYBxxdfq9oUFPIvMhWggZ5a1LFqbgLeXnQc36IGAJSpkCMogJpOIQqc3Ed Xi7I7TKk3l2rxsvNxD+qPaRp+0p81trEcX7M81yhEBpg1q2UeEKLrDWkHxT1+l4N +ZHGT71zS5vq7pUrwWURlcy4mwOvNG0VA7BSu/j2mCAH2iUiRMEYOnZWEZTT9rS0 woDFAtU0Yp/zE6FhnXK0iwPyTfv9lJaOLpf30QnT3rc14t1sGhs460Hzv6XUbgjA Z89M5J+ImESPr3S1P7Tw39giD8LRsuXCqX8Hh3blz8astlrp9G+vmH/oN7U/yo9j uaGuwytV5aJuDDyl6tiMPz4nl537fxawdn95Mm9R67F1glESkEUob8ua2PRJDDCl 5ZPkTRwrIMyf2yS9ggvml2AsJbKUEs7pHxuzSpf9f/0ac5vBSwlXgLiEsq91uDxj TkEoXa/UKXyjDqnp4I/ctiwAopcp51Dvmsi2eiLKKxlS8XHWUZxVTSToqcGbj3OU isUqzGXEpvRgvC7u7oFS7FvSX+rBR0+H4iXq8MwCZvgfLldCyLQ= =5+D+ -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6236-1 July 19, 2023
connman vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in ConnMan.
Software Description: - connman: Intel Connection Manager daemon
Details:
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)
It was discovered that ConnMan could be made to read out of bounds. A remote attacker could possibly use this issue to case ConnMan to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23096, CVE-2022-23097)
It was discovered that ConnMan could be made to run into an infinite loop. A remote attacker could possibly use this issue to cause ConnMan to consume resources and to stop operating, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)
It was discovered that ConnMan could be made to write out of bounds via the gweb component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)
It was discovered that ConnMan did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)
It was discovered that ConnMan could be made to write out of bounds via the gdhcp component. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-28488)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: connman 1.41-2ubuntu0.23.04.1
Ubuntu 22.04 LTS: connman 1.36-2.3ubuntu0.1
Ubuntu 20.04 LTS: connman 1.36-2ubuntu0.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): connman 1.35-6ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): connman 1.21-1.2+deb8u1ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6236-1 CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096, CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293, CVE-2023-28488
Package Information: https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1 https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202102-1244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "connman",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "1.39"
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "connman",
"scope": null,
"trust": 0.8,
"vendor": "connman",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "163473"
}
],
"trust": 0.1
},
"cve": "CVE-2021-26676",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2021-26676",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-385825",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-26676",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-26676",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-26676",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-26676",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-744",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-385825",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385825"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp. ConnMan Contains an unspecified vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202107-29\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ConnMan: Multiple vulnerabilities\n Date: July 12, 2021\n Bugs: #769491, #795084\n ID: 202107-29\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA buffer overflow in ConnMan might allow remote attacker(s) to execute\narbitrary code. \n\nBackground\n==========\n\nConnMan provides a daemon for managing Internet connections. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/connman \u003c 1.40 \u003e= 1.40\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in connman. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ConnMan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/connman-1.40\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-26675\n https://nvd.nist.gov/vuln/detail/CVE-2021-26675\n[ 2 ] CVE-2021-26676\n https://nvd.nist.gov/vuln/detail/CVE-2021-26676\n[ 3 ] CVE-2021-33833\n https://nvd.nist.gov/vuln/detail/CVE-2021-33833\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202107-29\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2021 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.36-2.1~deb10u1. \n\nWe recommend that you upgrade your connman packages. \n\nFor the detailed security status of connman please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/connman\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAhl9pfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0ToGg//e9ZijJG7S7wkyc4I+q+1Bn1kPikXh4osJ9wgNSUKdcsIGWpjAvnW+X1H\nWwT5OI+7BeuAK1uAvGIuDK5s6cPsaa8NUKLsAwgKKcwCJcN74wLKls+3j7vt4nQA\nynenKrwYBxxdfq9oUFPIvMhWggZ5a1LFqbgLeXnQc36IGAJSpkCMogJpOIQqc3Ed\nXi7I7TKk3l2rxsvNxD+qPaRp+0p81trEcX7M81yhEBpg1q2UeEKLrDWkHxT1+l4N\n+ZHGT71zS5vq7pUrwWURlcy4mwOvNG0VA7BSu/j2mCAH2iUiRMEYOnZWEZTT9rS0\nwoDFAtU0Yp/zE6FhnXK0iwPyTfv9lJaOLpf30QnT3rc14t1sGhs460Hzv6XUbgjA\nZ89M5J+ImESPr3S1P7Tw39giD8LRsuXCqX8Hh3blz8astlrp9G+vmH/oN7U/yo9j\nuaGuwytV5aJuDDyl6tiMPz4nl537fxawdn95Mm9R67F1glESkEUob8ua2PRJDDCl\n5ZPkTRwrIMyf2yS9ggvml2AsJbKUEs7pHxuzSpf9f/0ac5vBSwlXgLiEsq91uDxj\nTkEoXa/UKXyjDqnp4I/ctiwAopcp51Dvmsi2eiLKKxlS8XHWUZxVTSToqcGbj3OU\nisUqzGXEpvRgvC7u7oFS7FvSX+rBR0+H4iXq8MwCZvgfLldCyLQ=\n=5+D+\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6236-1\nJuly 19, 2023\n\nconnman vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.04\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in ConnMan. \n\nSoftware Description:\n- connman: Intel Connection Manager daemon\n\nDetails:\n\nIt was discovered that ConnMan could be made to write out of bounds. A\nremote attacker could possibly use this issue to cause ConnMan to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This issue only affected\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)\n\nIt was discovered that ConnMan could be made to read out of bounds. A\nremote attacker could possibly use this issue to case ConnMan to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. \n(CVE-2022-23096, CVE-2022-23097)\n\nIt was discovered that ConnMan could be made to run into an infinite loop. \nA remote attacker could possibly use this issue to cause ConnMan to\nconsume resources and to stop operating, resulting in a denial of service. \nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gweb component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)\n\nIt was discovered that ConnMan did not properly manage memory under\ncertain circumstances. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)\n\nIt was discovered that ConnMan could be made to write out of bounds via\nthe gdhcp component. A remote attacker could possibly use this issue to\ncause ConnMan to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2023-28488)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.04:\n connman 1.41-2ubuntu0.23.04.1\n\nUbuntu 22.04 LTS:\n connman 1.36-2.3ubuntu0.1\n\nUbuntu 20.04 LTS:\n connman 1.36-2ubuntu0.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n connman 1.35-6ubuntu0.1~esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n connman 1.21-1.2+deb8u1ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6236-1\n CVE-2021-26675, CVE-2021-26676, CVE-2021-33833, CVE-2022-23096,\n CVE-2022-23097, CVE-2022-23098, CVE-2022-32292, CVE-2022-32293,\n CVE-2023-28488\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1\n https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-26676"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-385825"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-26676",
"trust": 2.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/02/08/2",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "163473",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.4078",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0511",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021071202",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-385825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168994",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385825"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"id": "VAR-202102-1244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-385825"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:02:45.203000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DSA-4847-1 openSUSE\u00a0projectBugzilla",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"title": "ConnMan 1.39 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=142574"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"trust": 1.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"trust": 1.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"trust": 1.7,
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/changelog"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"trust": 1.7,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"trust": 1.7,
"url": "https://kunnamon.io/tbone/"
},
{
"trust": 1.7,
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26676"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/connman-buffer-overflow-34515"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.4078"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163473/gentoo-linux-security-advisory-202107-29.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0511"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021071202"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26675"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33833"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/connman"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.36-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28488"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32293"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/connman/1.41-2ubuntu0.23.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6236-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23098"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-385825"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-385825"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"db": "PACKETSTORM",
"id": "163473"
},
{
"db": "PACKETSTORM",
"id": "168994"
},
{
"db": "PACKETSTORM",
"id": "173601"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-385825"
},
{
"date": "2021-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"date": "2021-07-13T15:09:13",
"db": "PACKETSTORM",
"id": "163473"
},
{
"date": "2021-02-28T20:12:00",
"db": "PACKETSTORM",
"id": "168994"
},
{
"date": "2023-07-19T15:26:27",
"db": "PACKETSTORM",
"id": "173601"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"date": "2021-02-09T16:15:12.593000",
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-385825"
},
{
"date": "2021-11-01T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-003676"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2023-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-744"
},
{
"date": "2024-11-21T05:56:39.277000",
"db": "NVD",
"id": "CVE-2021-26676"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-744"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ConnMan\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-003676"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2022-01-28 16:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "615FEE20-6784-4244-BF44-2CC6DFA8E9CD",
"versionEndIncluding": "1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el proxy DNS en Connman versiones hasta 1.40. La funci\u00f3n forward_dns_reply maneja inapropiadamente una llamada a strnlen, conllevando a una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2022-23097",
"lastModified": "2024-11-21T06:47:59.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-28T16:15:07.943",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-28 16:15
Modified
2024-11-21 06:47
Severity ?
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "615FEE20-6784-4244-BF44-2CC6DFA8E9CD",
"versionEndIncluding": "1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el proxy DNS en Connman versiones hasta 1.40. La implementaci\u00f3n de la respuesta del servidor TCP presenta un bucle infinito si no son recibidos datos"
}
],
"id": "CVE-2022-23098",
"lastModified": "2024-11-21T06:47:59.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-28T16:15:07.990",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-01 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5333D31A-FFBF-407D-ABFF-8773D3CAEC57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:tizen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E96ED5-6803-40EE-9750-71631A45C74D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets."
},
{
"lang": "es",
"value": "ConnMan v1.3 en Tizen sigue enumerando el servicio de bluetooth despu\u00e9s que el modo fuera de l\u00ednea se ha activado, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de paquetes Bluetooth."
}
],
"id": "CVE-2012-6459",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-01T15:55:02.757",
"references": [
{
"source": "cve@mitre.org",
"url": "https://bugs.tizen.org/jira/browse/TIVI-211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.tizen.org/jira/browse/TIVI-211"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-12 16:15
Modified
2025-02-08 03:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C460340-FFB7-45B4-BDC1-A1A49B4290FA",
"versionEndIncluding": "1.41",
"versionStartIncluding": "0.55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process."
}
],
"id": "CVE-2023-28488",
"lastModified": "2025-02-08T03:15:10.410",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-12T16:15:19.353",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://kernel.googlesource.com/pub/scm/network/connman/connman/+/99e2c16ea1cced34a5dc450d76287a1c3e762138"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2023/dsa-5416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://kernel.googlesource.com/pub/scm/network/connman/connman/+/99e2c16ea1cced34a5dc450d76287a1c3e762138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2023/dsa-5416"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-03 14:15
Modified
2024-11-21 07:06
Severity ?
Summary
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "147B3E0B-9D0F-444D-98DB-8397707DAE79",
"versionEndIncluding": "1.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution."
},
{
"lang": "es",
"value": "En ConnMan versiones hasta 1.41, un ataque de tipo \"man-in-the-middle\" contra una consulta HTTP WISPR podr\u00eda ser usado para desencadenar un uso de memoria previamente liberada en el manejo de WISPR, conllevando a bloqueos o ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2022-32293",
"lastModified": "2024-11-21T07:06:07.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-03T14:15:08.667",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-03 14:15
Modified
2024-11-21 07:06
Severity ?
Summary
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1200189 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/ | Patch | |
| cve@mitre.org | https://security.gentoo.org/glsa/202310-21 | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2022/dsa-5231 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1200189 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/ | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-21 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5231 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "147B3E0B-9D0F-444D-98DB-8397707DAE79",
"versionEndIncluding": "1.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code."
},
{
"lang": "es",
"value": "En ConnMan versiones hasta 1.41, los atacantes remotos capaces de enviar peticiones HTTP al componente gweb pueden explotar un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n received_data para ejecutar c\u00f3digo"
}
],
"id": "CVE-2022-32292",
"lastModified": "2024-11-21T07:06:07.083",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-03T14:15:08.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200189"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-28 16:15
Modified
2024-11-21 06:47
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "615FEE20-6784-4244-BF44-2CC6DFA8E9CD",
"versionEndIncluding": "1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el proxy DNS en Connman versiones hasta 1.40. La implementaci\u00f3n de la respuesta del servidor TCP carece de una comprobaci\u00f3n de la presencia de suficientes datos de encabezado, conllevando a una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2022-23096",
"lastModified": "2024-11-21T06:47:58.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-28T16:15:07.897",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-09 16:15
Modified
2024-11-21 05:56
Severity ?
Summary
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6D54B9-DC0E-4300-B554-45AFA532C3CB",
"versionEndExcluding": "1.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en dnsproxy en ConnMan versiones anteriores a 1.39, podr\u00eda ser usado por atacantes adyacentes a la red para ejecutar c\u00f3digo"
}
],
"id": "CVE-2021-26675",
"lastModified": "2024-11-21T05:56:39.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-09T16:15:12.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://kunnamon.io/tbone/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://kunnamon.io/tbone/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-09 16:15
Modified
2024-11-21 05:56
Severity ?
Summary
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6D54B9-DC0E-4300-B554-45AFA532C3CB",
"versionEndExcluding": "1.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp."
},
{
"lang": "es",
"value": "Los atacantes adyacentes a la red pod\u00edan usar gdhcp en ConnMan versiones anteriores a 1.39, para filtrar informaci\u00f3n confidencial de la pila, lo que permitir\u00eda una mayor explotaci\u00f3n de los errores en gdhcp"
}
],
"id": "CVE-2021-26676",
"lastModified": "2024-11-21T05:56:39.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-09T16:15:12.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kunnamon.io/tbone/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kunnamon.io/tbone/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-29 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | connman | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:connman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1919AFA0-4CCB-491B-9364-AD47CD7BB068",
"versionEndIncluding": "1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in \"dnsproxy.c\" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the \"name\" variable."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en \"dnsproxy.c\" en connman 1.34 y anteriores permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (bloqueo) o ejecuten c\u00f3digo arbitrario mediante una cadena de consulta de respuesta manipulada pasada a la variable \"name\"."
}
],
"id": "CVE-2017-12865",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-29T16:29:00.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3956"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100498"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-6459 (GCVE-0-2012-6459)
Vulnerability from cvelistv5
Published
2013-01-01 15:00
Modified
2024-09-17 04:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.tizen.org/jira/browse/TIVI-211 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.tizen.org/jira/browse/TIVI-211"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-01-01T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.tizen.org/jira/browse/TIVI-211"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.tizen.org/jira/browse/TIVI-211",
"refsource": "CONFIRM",
"url": "https://bugs.tizen.org/jira/browse/TIVI-211"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6459",
"datePublished": "2013-01-01T15:00:00Z",
"dateReserved": "2013-01-01T00:00:00Z",
"dateUpdated": "2024-09-17T04:19:36.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23098 (GCVE-0-2022-23098)
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T07:06:19.178744",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23098",
"datePublished": "2022-01-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:28:43.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26675 (GCVE-0-2021-26675)
Vulnerability from cvelistv5
Published
2021-02-09 15:47
Modified
2024-08-03 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1181751 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog | x_refsource_CONFIRM | |
| https://www.openwall.com/lists/oss-security/2021/02/08/2 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2021/dsa-4847 | vendor-advisory, x_refsource_DEBIAN | |
| https://kunnamon.io/tbone/ | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202107-29 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-12T04:06:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-26675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1181751",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"name": "https://www.openwall.com/lists/oss-security/2021/02/08/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"name": "https://kunnamon.io/tbone/",
"refsource": "MISC",
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-26675",
"datePublished": "2021-02-09T15:47:25",
"dateReserved": "2021-02-03T00:00:00",
"dateUpdated": "2024-08-03T20:26:25.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26676 (GCVE-0-2021-26676)
Vulnerability from cvelistv5
Published
2021-02-09 15:47
Modified
2024-08-03 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1181751 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog | x_refsource_CONFIRM | |
| https://www.openwall.com/lists/oss-security/2021/02/08/2 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1 | x_refsource_CONFIRM | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2021/dsa-4847 | vendor-advisory, x_refsource_DEBIAN | |
| https://kunnamon.io/tbone/ | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202107-29 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-29"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-12T04:06:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-29"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-26676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1181751",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1181751"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog"
},
{
"name": "https://www.openwall.com/lists/oss-security/2021/02/08/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2021/02/08/2"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa"
},
{
"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2552-1] connman security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html"
},
{
"name": "DSA-4847",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4847"
},
{
"name": "https://kunnamon.io/tbone/",
"refsource": "MISC",
"url": "https://kunnamon.io/tbone/"
},
{
"name": "GLSA-202107-29",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-29"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-26676",
"datePublished": "2021-02-09T15:47:29",
"dateReserved": "2021-02-03T00:00:00",
"dateUpdated": "2024-08-03T20:26:25.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23096 (GCVE-0-2022-23096)
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2024-10-15 15:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23096",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T15:12:20.899323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T15:12:52.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T07:06:15.995176",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23096",
"datePublished": "2022-01-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-10-15T15:12:52.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12865 (GCVE-0-2017-12865)
Vulnerability from cvelistv5
Published
2017-08-29 16:00
Modified
2024-08-05 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://01.org/security/intel-oss-10001/intel-oss-10001 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1483720 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201812-02 | vendor-advisory, x_refsource_GENTOO | |
| https://www.nri-secure.com/blog/new-iot-vulnerability-connmando | x_refsource_MISC | |
| http://www.securityfocus.com/bid/100498 | vdb-entry, x_refsource_BID | |
| https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2017/dsa-3956 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:51:06.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"name": "GLSA-201812-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
},
{
"name": "100498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"name": "DSA-3956",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in \"dnsproxy.c\" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the \"name\" variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-03T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"name": "GLSA-201812-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
},
{
"name": "100498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"name": "DSA-3956",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3956"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in \"dnsproxy.c\" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the \"name\" variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://01.org/security/intel-oss-10001/intel-oss-10001",
"refsource": "CONFIRM",
"url": "https://01.org/security/intel-oss-10001/intel-oss-10001"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483720"
},
{
"name": "GLSA-201812-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201812-02"
},
{
"name": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando",
"refsource": "MISC",
"url": "https://www.nri-secure.com/blog/new-iot-vulnerability-connmando"
},
{
"name": "100498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100498"
},
{
"name": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71"
},
{
"name": "DSA-3956",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3956"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12865",
"datePublished": "2017-08-29T16:00:00",
"dateReserved": "2017-08-15T00:00:00",
"dateUpdated": "2024-08-05T18:51:06.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32292 (GCVE-0-2022-32292)
Vulnerability from cvelistv5
Published
2022-08-03 00:00
Modified
2024-08-03 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:50.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200189"
},
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T07:06:20.731651",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200189"
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32292",
"datePublished": "2022-08-03T00:00:00",
"dateReserved": "2022-06-05T00:00:00",
"dateUpdated": "2024-08-03T07:39:50.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32293 (GCVE-0-2022-32293)
Vulnerability from cvelistv5
Published
2022-08-03 00:00
Modified
2024-08-03 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:50.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
},
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T07:06:14.452607",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1200190"
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/"
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32293",
"datePublished": "2022-08-03T00:00:00",
"dateReserved": "2022-06-05T00:00:00",
"dateUpdated": "2024-08-03T07:39:50.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28488 (GCVE-0-2023-28488)
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-02-08 02:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kernel.googlesource.com/pub/scm/network/connman/connman/+/99e2c16ea1cced34a5dc450d76287a1c3e762138"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488"
},
{
"name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3397-1] connman security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00024.html"
},
{
"name": "DSA-5416",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5416"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28488",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-08T02:37:06.879551Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-08T02:37:47.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-31T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://kernel.googlesource.com/pub/scm/network/connman/connman/+/99e2c16ea1cced34a5dc450d76287a1c3e762138"
},
{
"url": "https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488"
},
{
"name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3397-1] connman security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00024.html"
},
{
"name": "DSA-5416",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5416"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-28488",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-03-16T00:00:00.000Z",
"dateUpdated": "2025-02-08T02:37:47.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23097 (GCVE-0-2022-23097)
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2024-11-19 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T19:14:36.176383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:10:45.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T07:06:17.527788",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/network/connman/connman.git/log/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/25/1"
},
{
"name": "[debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html"
},
{
"name": "DSA-5231",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5231"
},
{
"name": "GLSA-202310-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-21"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23097",
"datePublished": "2022-01-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-11-19T19:10:45.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}