An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.
References
Link | Resource |
---|---|
https://git.kernel.org/pub/scm/network/connman/connman.git/log/ | Product Third Party Advisory |
https://www.openwall.com/lists/oss-security/2022/01/25/1 | Exploit Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/02/msg00009.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2022/dsa-5231 | Third Party Advisory |
Information
Published : 2022-01-28 08:15
Updated : 2022-09-29 09:01
NVD link : CVE-2022-23097
Mitre link : CVE-2022-23097
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
debian
- debian_linux
intel
- connman