Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Remote code execution in connman

Related Vulnerabilities: CVE-2021-26675   CVE-2021-26676  
Source 
                Hi,

Tesla has reported a remote (adjacent network) code execution flaw in
connman, a lightweight network manager, to our SUSE colleage and
connman upstream maintainer Daniel Wagner,

https://git.kernel.org/pub/scm/network/connman/connman.git/

https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb

Mitre has assigned CVE-2021-26675.

The commit fixes a stack buffer overflow that can be used to execute code by network adjacent attackers.

https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa

Mitre has assigned CVE-2021-26676

Remote stack information leak which can be used to help execute CVE-2021-26675 reliably.

Ciao, Marcus

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started