Multiple vulnerabilities in ConnMan



Published: 2022-09-19
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2022-23098
CVE-2022-23097
CVE-2022-23096
CWE-ID CWE-835
CWE-125
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
ConnMan
Universal components / Libraries / Libraries used by multiple products

Vendor kernel.org

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Infinite loop

EUVDB-ID: #VU67467

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-23098

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when handling TCP connections. A remote attacker can send specially crafted packets to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ConnMan: 0.1 - 1.40


CPE2.3 External links

http://git.kernel.org/pub/scm/network/connman/connman.git/log/
http://www.openwall.com/lists/oss-security/2022/01/25/1
http://lists.debian.org/debian-lts-announce/2022/02/msg00009.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Out-of-bounds read

EUVDB-ID: #VU67466

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-23097

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the forward_dns_reply() function in the DNS proxy. A remote attacker can send specially crafted TCP packets to the application, trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ConnMan: 0.1 - 1.40


CPE2.3 External links

http://git.kernel.org/pub/scm/network/connman/connman.git/log/
http://www.openwall.com/lists/oss-security/2022/01/25/1
http://lists.debian.org/debian-lts-announce/2022/02/msg00009.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Out-of-bounds read

EUVDB-ID: #VU67465

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-23096

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the DNS proxy dnsproxy.c when handling Header Data in DNS responses. A remote attacker can send specially crafted TCP packets to the affected software, trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ConnMan: 0.1 - 1.40


CPE2.3 External links

http://git.kernel.org/pub/scm/network/connman/connman.git/log/
http://www.openwall.com/lists/oss-security/2022/01/25/1
http://lists.debian.org/debian-lts-announce/2022/02/msg00009.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###