UbuntuUpdates.org

Package "connman"

Name: connman

Description:

Intel Connection Manager daemon

Latest version: 1.36-2ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe
Homepage: https://01.org/connman

Links


Download "connman"


Other versions of "connman" in Focal

Repository Area Version
base universe 1.36-2build1
updates universe 1.36-2ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.36-2ubuntu0.1 2023-07-19 10:07:10 UTC

  connman (1.36-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/dnsproxy-Add-length-checks-to-prevent-buffer-overflo.patch:
      Add length checks to prevent buffer overflow.
    - CVE-2021-26675
  * SECURITY UPDATE: Sensitive information exposure
    - debian/patches/gdhcp-Avoid-reading-invalid-data-in-dhcp_get_option.patch:
      Avoid reading invalid data in dhcp_get_option
    - debian/patches/gdhcp-Avoid-leaking-stack-data-via-unitiialized-vari.patch:
      Avoid leaking stack data via unitiialized variable.
    - CVE-2021-26676
  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/dnsproxy-Check-the-length-of-buffers-before-memcpy.patch:
      Check the length of buffers before memcpy.
    - CVE-2021-33833
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/dnsproxy-Simplify-udp_server_event.patch:
      Simplify udp_server_event()
    - debian/patches/dnsproxy-Validate-input-data-before-using-them.patch:
      Validate input data before using them.
    - CVE-2022-23096
    - CVE-2022-23097
  * SECURITY UPDATE: Denial-of-service
    - debian/patches/dnsproxy-Avoid-100-busy-loop-in-TCP-server-case.patch:
      Avoid 100 % busy loop in TCP server case.
    - debian/patches/dnsproxy-Keep-timeout-in-TCP-case-even-after-connect.patch:
      Keep timeout in TCP case even after connection is established.
    - CVE-2022-23098
  * SECURITY UPDATE: Heap-based buffer overflow
    - debian/patches/gweb-Fix-OOB-write-in-received_data.patch: Fix OOB
      write in received_data().
    - CVE-2022-32292
  * SECURITY UPDATE: Use-after-free
    - debian/patches/wispr-Add-reference-counter-to-portal-context.patch:
      Add reference counter to portal context.
    - debian/patches/wispr-Update-portal-context-references.patch: Update
      portal context references.
    - CVE-2022-32293
  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2023-28488.patch: Verify and sanitize packet
      length first.
    - CVE-2023-28488

 -- Fabian Toepfer <email address hidden> Tue, 27 Jun 2023 16:39:51 +0200

CVE-2021-26675 A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
CVE-2021-26676 gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs i
CVE-2021-33833 ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A
CVE-2022-23096 An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient He
CVE-2022-23097 An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
CVE-2022-23098 An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
CVE-2022-32292 In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiv
CVE-2022-32293 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading t
CVE-2023-28488 client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer



About   -   Send Feedback to @ubuntu_updates