diff options
author | Steve Sakoman <steve@sakoman.com> | 2022-02-07 06:26:40 -1000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-23 23:43:42 +0000 |
commit | 17023dee9baeb88791373345c130b886a942296f (patch) | |
tree | 81d39c0444e1d7870e08a249bdbb88fe118ba848 /documentation/sphinx-static | |
parent | 08ecf46de00398ee1600e5fbdfd9c05e743ea176 (diff) | |
download | poky-17023dee9baeb88791373345c130b886a942296f.tar.gz |
connman: fix CVE-2022-23096-7
An issue was discovered in the DNS proxy in Connman through 1.40.
The TCP server reply implementation lacks a check for the presence
of sufficient Header Data, leading to an out-of-bounds read (CVE-2022-23096)
An issue was discovered in the DNS proxy in Connman through 1.40.
forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds
read (CVE-2022-23097)
Backport patch from:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e5a313736e13c90d19085e953a26256a198e4950
CVE: CVE-2022-23096 CVE-2022-23097
(From OE-Core rev: b8d925c1443c84500df74958aa2f75113b992453)
Signed-off-by: Steve Sakoman
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'documentation/sphinx-static')
0 files changed, 0 insertions, 0 deletions