CVE-2012-2320Connman vulnerability

CWE-2644 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.6%
top 18.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ConnmanDebian Connman
Timeline
PublishedMay 18
Latest updateMay 17

Description

ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

debiandebian/connman< connman 1.0-1 (bookworm)
Debianconnman/connman< 1.0-1+3
NVDconnman/connman0.84+83

🔴Vulnerability Details

2
GHSA
GHSA-hrhq-658c-r72w: ConnMan before 02022-05-17
OSV
CVE-2012-2320: ConnMan before 02012-05-18

📋Vendor Advisories

1
Debian
CVE-2012-2320: connman - ConnMan before 0.85 does not ensure that netlink messages originate from the ker...2012
CVE-2012-2320 — Debian Connman vulnerability | cvebase