Published: 03/08/2022 Updated: 21/12/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

In ConnMan up to and including 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intel connman
debian debian linux 11.0

Debian Bug report logs - #1016976 connman: CVE-2022-32292 CVE-2022-32293 Package: src:connman; Maintainer for src:connman is Vignesh Raman <vigneshraman@collaboracom>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 10 Aug 2022 20:15:02 UTC Severity: grave Tags: security, upstream Reply or subscri ...

Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code For the stable distribution (bullseye), these problems have been fixed in version 136-22+deb11u1 We recommend that you upgrade your connman packages For the detailed security sta ...

Severity Unknown Remote Unknown Type Unknown Description AVG-2818 connman 141-1 Unknown Unknown lorekernelorg/connman/202208010800434861-5-wagi@monomorg/ bugzillasusecom/show_bugcgi?i ...

CWE-787 https://bugzilla.suse.com/show_bug.cgi?id=1200189 https://www.debian.org/security/2022/dsa-5231 https://security.gentoo.org/glsa/202310-21 https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016976 https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5231

CVE-2022-32292

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect