ALT-PU-2023-4820-2

BDU:2022-07359

HIGH8.1

Уязвимость реализации поддержки WISPR диспетчера соединений Connman, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Published: 2022-12-22Modified: 2025-08-07

CVSS 3.xHIGH 8.1

CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2022-32293

BDU:2022-07360

CRITICAL9.8

Уязвимость компонента gweb диспетчера соединений Connman, связанная с записью за границами выделенного диапазона памяти, позволяющая нарушителю выполнить произвольный код

Published: 2022-12-22Modified: 2025-08-07

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2022-32292

BDU:2023-03868

MEDIUM6.5

Уязвимость компонента client.c диспетчера соединений ConnMan, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2023-07-20Modified: 2023-09-20

CVSS 3.xMEDIUM 6.5

CVSS:3.x/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 6.1

CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:N/A:C

References

CVE-2023-28488

CVE-2022-32292

CRITICAL9.8

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.

Published: 2022-08-03Modified: 2024-11-21

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2022-32293

HIGH8.1

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.

Published: 2022-08-03Modified: 2024-11-21

CVSS 3.xHIGH 8.1

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2023-28488

MEDIUM6.5

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.

Published: 2023-04-12Modified: 2025-02-08

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Package update connman in branch sisyphus

Closed issues (6)

Уязвимость компонента client.c диспетчера соединений ConnMan, позволяющая нарушителю вызвать отказ в обслуживании

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.