Published: 09/02/2021 Updated: 23/05/2022

CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

A stack-based buffer overflow in dnsproxy in ConnMan prior to 1.39 could be used by network adjacent malicious users to execute code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel connman
debian debian linux 9.0
debian debian linux 10.0
opensuse leap 15.2

A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code For the stable distribution (buster), these problems have been fixed in version 136-21~deb10u1 We recommend that you upg ...

A security issue was found in connman 138 A stack buffer overflow can be used to execute code by network adjacent attackers ...

Hi, Tesla has reported a remote (adjacent network) code execution flaw in connman, a lightweight network manager, to our SUSE colleage and connman upstream maintainer Daniel Wagner, gitkernelorg/pub/scm/network/connman/connmangit/ gitkernelorg/pub/scm/network/connman/connmangit/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c ...

CWE-787 https://www.openwall.com/lists/oss-security/2021/02/08/2 https://bugzilla.suse.com/show_bug.cgi?id=1181751 https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb https://lists.debian.org/debian-lts-announce/2021/02/msg00013.html https://www.debian.org/security/2021/dsa-4847 https://kunnamon.io/tbone/https://security.gentoo.org/glsa/202107-29 https://nvd.nist.gov https://www.debian.org/security/2021/dsa-4847

CVE-2021-26675

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect