MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
yocto-5.2.2
poky/meta/recipes-connectivity/connman
History
Praveen Kumar c413376afc connman :fix CVE-2025-32366 
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen) without a check for whether
the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be
larger than the amount of remaining packet data in the current state
of parsing. Values of stack memory locations may be sent over the
network in a response.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32366

Upstream-patch:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4

(From OE-Core rev: 1c908b1c44a006b6707a1f0da59781a6750cf8ce)

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-05-23 08:42:33 -07:00
..
connman connman :fix CVE-2025-32366 2025-05-23 08:42:33 -07:00
connman-conf connman-conf: don't take over any ethernet devices, not just eth0 2023-08-14 12:51:21 +01:00
connman-gnome Revert "connman-gnome: StatusIcon adapts to size changes" 2016-10-05 10:10:11 +01:00
connman_1.43.bb connman :fix CVE-2025-32366 2025-05-23 08:42:33 -07:00
connman-conf.bb recipes: Switch away from S = WORKDIR 2024-05-21 12:08:04 +01:00
connman-gnome_0.7.bb lrzsz connman-gnome libfm: ignore various issues fatal with gcc-14 2024-05-13 15:42:27 +01:00
connman.inc meta/meta-selftest: Fix variable assignment whitespace 2025-02-01 13:42:34 +00:00