Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
错误条件报告缺失
Vulnerability Title
Linux ConnMan 安全漏洞
Vulnerability Description
Linux ConnMan是美国Linux社区的一个应用软件。提供英特尔的模块化网络连接管理器。 Linux ConnMan 1.44及之前版本存在安全漏洞,该漏洞源于DNS响应中TC位设置导致拒绝服务或可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A