connman: fix CVE-2022-23096-7 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Steve Sakoman <steve@sakoman.com>	2022-02-07 06:26:40 -1000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-23 23:43:42 +0000
commit	17023dee9baeb88791373345c130b886a942296f (patch)
tree	81d39c0444e1d7870e08a249bdbb88fe118ba848 /scripts
parent	08ecf46de00398ee1600e5fbdfd9c05e743ea176 (diff)
download	poky-17023dee9baeb88791373345c130b886a942296f.tar.gz

connman: fix CVE-2022-23096-7

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read (CVE-2022-23096) An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read (CVE-2022-23097) Backport patch from: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e5a313736e13c90d19085e953a26256a198e4950 CVE: CVE-2022-23096 CVE-2022-23097 (From OE-Core rev: b8d925c1443c84500df74958aa2f75113b992453) Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: