cbcvebase.
CVE-2021-26675
published 2021-02-09

CVE-2021-26675: A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

Affected

13 ranges
VendorProductVersion rangeFixed in
connmanconnman>= 0 < 1.36-2.11.36-2.1
connmanconnman>= 0 < 1.36-2.11.36-2.1
connmanconnman>= 0 < 1.36-2.11.36-2.1
connmanconnman>= 0 < 1.36-2.11.36-2.1
connmanconnman>= 0 < 1.36-2ubuntu0.11.36-2ubuntu0.1
connmanconnman>= 0 < 1.36-2.3ubuntu0.11.36-2.3ubuntu0.1
connmanconnman>= 0 < 1.21-1.2+deb8u1ubuntu0.1~esm11.21-1.2+deb8u1ubuntu0.1~esm1
connmanconnman>= 0 < 1.35-6ubuntu0.1~esm11.35-6ubuntu0.1~esm1
debianconnman< connman 1.36-2.1 (bookworm)connman 1.36-2.1 (bookworm)
debiandebian_linux
debiandebian_linux
intelconnman< 1.391.39
opensuseleap

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH