Описание
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-32292
- https://bugzilla.suse.com/show_bug.cgi?id=1200189
- https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org
- https://lore.kernel.org/connman/20220801080043.4861-5-wagi@monom.org
- https://security.gentoo.org/glsa/202310-21
- https://www.debian.org/security/2022/dsa-5231
Связанные уязвимости
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
In ConnMan through 1.41, remote attackers able to send HTTP requests t ...
Уязвимость компонента gweb диспетчера соединений Connman, связанная с записью за границами выделенного диапазона памяти, позволяющая нарушителю выполнить произвольный код
