CVE-2021-26676
published 2021-02-09CVE-2021-26676: gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
medium6.5CVSS 3.1
AVAACLPRNUINSUCHINAN
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| connman | connman | >= 0 < 1.36-2.1 | 1.36-2.1 |
| connman | connman | >= 0 < 1.36-2.1 | 1.36-2.1 |
| connman | connman | >= 0 < 1.36-2.1 | 1.36-2.1 |
| connman | connman | >= 0 < 1.36-2.1 | 1.36-2.1 |
| connman | connman | >= 0 < 1.36-2ubuntu0.1 | 1.36-2ubuntu0.1 |
| connman | connman | >= 0 < 1.36-2.3ubuntu0.1 | 1.36-2.3ubuntu0.1 |
| connman | connman | >= 0 < 1.21-1.2+deb8u1ubuntu0.1~esm1 | 1.21-1.2+deb8u1ubuntu0.1~esm1 |
| connman | connman | >= 0 < 1.35-6ubuntu0.1~esm1 | 1.35-6ubuntu0.1~esm1 |
| debian | connman | < connman 1.36-2.1 (bookworm) | connman 1.36-2.1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| intel | connman | < 1.39 | 1.39 |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv8.8HIGH