connman :fix CVE-2025-32743 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-05-08 16:39:10 +0000
committer	Steve Sakoman <steve@sakoman.com>	2025-05-14 08:33:40 -0700
commit	05c543833020d8ded8495ebe7edb6fe8213d83a0 (patch)
tree	debec68bc211f67c74336e9ca7fb8e9e302bb523 /meta/lib/oe/patch.py
parent	95d7312e40d1cea34c4f43f55d1f6c91ab4c9ab7 (diff)
download	poky-05c543833020d8ded8495ebe7edb6fe8213d83a0.tar.gz

connman :fix CVE-2025-32743

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-32743 Upstream-patch: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f (From OE-Core rev: 61610f57c6b9ee2b6002decc037db049e9ddfe51) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/lib/oe/patch.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: