MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
scarthgap-5.0.11
poky/meta/recipes-connectivity/connman
History
Praveen Kumar f80b122315 connman :fix CVE-2025-32366 
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen) without a check for whether
the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be
larger than the amount of remaining packet data in the current state
of parsing. Values of stack memory locations may be sent over the
network in a response.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32366

Upstream-patch:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4

(From OE-Core rev: 02e046149b1cc5eca5188eec7b4e1a9970b97faf)

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-05-27 09:38:57 -07:00
..
connman connman :fix CVE-2025-32366 2025-05-27 09:38:57 -07:00
connman-conf connman-conf: don't take over any ethernet devices, not just eth0 2023-08-14 12:51:21 +01:00
connman-gnome Revert "connman-gnome: StatusIcon adapts to size changes" 2016-10-05 10:10:11 +01:00
connman_1.42.bb connman :fix CVE-2025-32366 2025-05-27 09:38:57 -07:00
connman-conf.bb recipes: Drop remaining PR values from recipes 2023-09-22 07:45:17 +01:00
connman-gnome_0.7.bb lrzsz connman-gnome libfm: ignore various issues fatal with gcc-14 2024-06-20 06:29:43 -07:00
connman.inc connman: fix warning by specifying runstatedir at configure time 2023-06-01 08:05:11 +01:00