Connman Connman
5 CVEs affecting Connman Connman. Latest disclosed: 2025-04-10. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32743 | Critical | 9.0 | 2025-04-10 | In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This… |
CVE-2025-32366 | Medium | 4.8 | 2025-04-05 | In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+off… |
CVE-2012-2322 | | 2012-05-18 | Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop… | |
CVE-2012-2321 | | 2012-05-18 | The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain n… | |
CVE-2012-2320 | | 2012-05-18 | ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and c… |