CVE-2022-23098
published 2022-01-28CVE-2022-23098: An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| connman | connman | >= 0 < 1.36-2.2+deb11u1 | 1.36-2.2+deb11u1 |
| connman | connman | >= 0 < 1.36-2.4 | 1.36-2.4 |
| connman | connman | >= 0 < 1.36-2.4 | 1.36-2.4 |
| connman | connman | >= 0 < 1.36-2.4 | 1.36-2.4 |
| connman | connman | >= 0 < 1.36-2ubuntu0.1 | 1.36-2ubuntu0.1 |
| connman | connman | >= 0 < 1.36-2.3ubuntu0.1 | 1.36-2.3ubuntu0.1 |
| connman | connman | >= 0 < 1.21-1.2+deb8u1ubuntu0.1~esm1 | 1.21-1.2+deb8u1ubuntu0.1~esm1 |
| connman | connman | >= 0 < 1.35-6ubuntu0.1~esm1 | 1.35-6ubuntu0.1~esm1 |
| debian | connman | < connman 1.36-2.4 (bookworm) | connman 1.36-2.4 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| intel | connman | <= 1.40 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv8.8HIGH