Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by ConnMan
CVE-2025-32743 (GCVE-0-2025-32743)
Vulnerability from cvelistv5 – Published: 2025-04-10 00:00 – Updated: 2025-04-10 14:30
VLAI
Summary
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.
Severity
9 (Critical)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-392 - Missing Report of Error Condition
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32743",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T14:30:10.050718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T14:30:27.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ConnMan",
"vendor": "ConnMan",
"versions": [
{
"lessThanOrEqual": "1.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connman:connman:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-392",
"description": "CWE-392 Missing Report of Error Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T13:24:48.982Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1688"
},
{
"url": "https://lapis-sawfish-be3.notion.site/0-click-Vulnerability-in-Comman-1-43_v3-1cadc00d01d080b0b3b9c46a6da584cc"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32743",
"datePublished": "2025-04-10T00:00:00.000Z",
"dateReserved": "2025-04-10T00:00:00.000Z",
"dateUpdated": "2025-04-10T14:30:27.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32366 (GCVE-0-2025-32366)
Vulnerability from cvelistv5 – Published: 2025-04-05 00:00 – Updated: 2025-04-15 15:15
VLAI
Summary
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-130 - Improper Handling of Length Parameter Inconsistency
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T14:42:05.651515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T15:15:06.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ConnMan",
"vendor": "ConnMan",
"versions": [
{
"lessThanOrEqual": "1.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connman:connman:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr-\u003erdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130 Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T17:13:52.101Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1001"
},
{
"url": "https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n988"
},
{
"url": "https://lapis-sawfish-be3.notion.site/0-day-Comman-memory-Leak-190dc00d01d080688472d322c93c4340"
},
{
"url": "https://web.archive.org/web/20250410130356/https://lapis-sawfish-be3.notion.site/0-day-Comman-memory-Leak-190dc00d01d080688472d322c93c4340"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-32366",
"datePublished": "2025-04-05T00:00:00.000Z",
"dateReserved": "2025-04-05T00:00:00.000Z",
"dateUpdated": "2025-04-15T15:15:06.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2321 (GCVE-0-2012-2321)
Vulnerability from cvelistv5 – Published: 2012-05-18 22:00 – Updated: 2024-08-06 19:26
VLAI
Summary
The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/53408 | vdb-entryx_refsource_BID |
| http://git.kernel.org/?p=network/connman/connman.… | x_refsource_CONFIRM |
| http://www.osvdb.org/81705 | vdb-entryx_refsource_OSVDB |
| http://git.kernel.org/?p=network/connman/connman.… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/05/07/6 | mailing-listx_refsource_MLIST |
| http://security.gentoo.org/glsa/glsa-201205-02.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.openwall.com/lists/oss-security/2012/05/07/2 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2012/0… | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/49033 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.novell.com/show_bug.cgi?id=715172 | x_refsource_MISC |
| http://secunia.com/advisories/49186 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53408"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=26ace5c59f790bce0f1988b88874c6f2c480fd5a"
},
{
"name": "81705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81705"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "connman-hostname-command-exec(75466)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75466"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "53408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53408"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=26ace5c59f790bce0f1988b88874c6f2c480fd5a"
},
{
"name": "81705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81705"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "connman-hostname-command-exec(75466)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75466"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53408"
},
{
"name": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=26ace5c59f790bce0f1988b88874c6f2c480fd5a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=26ace5c59f790bce0f1988b88874c6f2c480fd5a"
},
{
"name": "81705",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81705"
},
{
"name": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "connman-hostname-command-exec(75466)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75466"
},
{
"name": "49033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49033"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=715172",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2321",
"datePublished": "2012-05-18T22:00:00.000Z",
"dateReserved": "2012-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:08.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2322 (GCVE-0-2012-2322)
Vulnerability from cvelistv5 – Published: 2012-05-18 22:00 – Updated: 2024-08-06 19:26
VLAI
Summary
Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/53410 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/81706 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.openwall.com/lists/oss-security/2012/05/07/6 | mailing-listx_refsource_MLIST |
| http://security.gentoo.org/glsa/glsa-201205-02.xml | vendor-advisoryx_refsource_GENTOO |
| http://www.openwall.com/lists/oss-security/2012/05/07/2 | mailing-listx_refsource_MLIST |
| http://git.kernel.org/?p=network/connman/connman.… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/0… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/49033 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.novell.com/show_bug.cgi?id=715172 | x_refsource_MISC |
| http://secunia.com/advisories/49186 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53410"
},
{
"name": "81706",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81706"
},
{
"name": "connman-dhcp-dos(75420)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75420"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commitdiff%3Bh=1d1a22fe586a455935483708fbe8eaeada79df7f"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "53410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53410"
},
{
"name": "81706",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81706"
},
{
"name": "connman-dhcp-dos(75420)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75420"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commitdiff%3Bh=1d1a22fe586a455935483708fbe8eaeada79df7f"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53410"
},
{
"name": "81706",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81706"
},
{
"name": "connman-dhcp-dos(75420)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75420"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "http://git.kernel.org/?p=network/connman/connman.git;a=commitdiff;h=1d1a22fe586a455935483708fbe8eaeada79df7f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=network/connman/connman.git;a=commitdiff;h=1d1a22fe586a455935483708fbe8eaeada79df7f"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49033"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=715172",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2322",
"datePublished": "2012-05-18T22:00:00.000Z",
"dateReserved": "2012-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:08.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2320 (GCVE-0-2012-2320)
Vulnerability from cvelistv5 – Published: 2012-05-18 22:00 – Updated: 2024-08-06 19:26
VLAI
Summary
ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://git.kernel.org/?p=network/connman/connman.… | x_refsource_CONFIRM |
| http://www.osvdb.org/81704 | vdb-entryx_refsource_OSVDB |
| http://www.openwall.com/lists/oss-security/2012/05/07/6 | mailing-listx_refsource_MLIST |
| http://security.gentoo.org/glsa/glsa-201205-02.xml | vendor-advisoryx_refsource_GENTOO |
| http://git.kernel.org/?p=network/connman/connman.… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/05/07/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/53406 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2012/0… | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/49033 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.novell.com/show_bug.cgi?id=715172 | x_refsource_MISC |
| http://secunia.com/advisories/49186 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "connman-netlink-security-bypass(75465)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75465"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618"
},
{
"name": "81704",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81704"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=c1b968984212b46bea1330f5ae029507b9bfded9"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "53406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53406"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "connman-netlink-security-bypass(75465)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75465"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618"
},
{
"name": "81704",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81704"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=network/connman/connman.git%3Ba=commit%3Bh=c1b968984212b46bea1330f5ae029507b9bfded9"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "53406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53406"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49033"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "connman-netlink-security-bypass(75465)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75465"
},
{
"name": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618"
},
{
"name": "81704",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81704"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/6"
},
{
"name": "GLSA-201205-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201205-02.xml"
},
{
"name": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=c1b968984212b46bea1330f5ae029507b9bfded9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=c1b968984212b46bea1330f5ae029507b9bfded9"
},
{
"name": "[oss-security] 20120507 connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/2"
},
{
"name": "53406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53406"
},
{
"name": "[oss-security] 20120507 Re: connman heads up / CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/07/10"
},
{
"name": "49033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49033"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=715172",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=715172"
},
{
"name": "49186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2320",
"datePublished": "2012-05-18T22:00:00.000Z",
"dateReserved": "2012-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:09.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}