MGASA-2018-0036

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0036.html

Import Source

https://advisories.mageia.org/MGASA-2018-0036.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0036

Related

CVE-2017-12865

Published

2018-01-03T14:22:14Z

Modified

2018-01-03T13:51:32Z

Summary

Updated connman packages fix security vulnerability

Details

Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service (CVE-2017-12865)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / connman

Package

Name: connman
Purl: pkg:rpm/mageia/connman?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.24-4.1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:6 / connman

Package

Name: connman
Purl: pkg:rpm/mageia/connman?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.33-6.1.mga6

Ecosystem specific

{
    "section": "core"
}