CVE-2022-23098

CWE-8356 documents6 sources

Severity

7.5HIGH

EPSS

0.1%

top 76.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJan 28

Latest updateJul 19

Description

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

▶Debianconnman< 1.36-2.2+deb11u1+3

Also affects: Debian Linux 11.0, 9.0

GHSA

GHSA-xhqg-mp7v-6mrp: An issue was discovered in the DNS proxy in Connman through 1↗2022-02-10

▶

OSV

CVE-2022-23098: An issue was discovered in the DNS proxy in Connman through 1↗2022-01-28

▶

CVEList

CVE-2022-23098: An issue was discovered in the DNS proxy in Connman through 1↗2022-01-28

▶

Ubuntu

ConnMan vulnerabilities↗2023-07-19

▶

Debian

CVE-2022-23098: connman - An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server...↗2022

▶