Bug 1186869 (CVE-2021-33833)

Summary:	VUL-0: CVE-2021-33833: connman: stack based buffer overflow in dnsproxy
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Marcus Meissner <meissner>
Component:	Incidents	Assignee:	Daniel Wagner <daniel.wagner>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Normal
Priority:	P3 - Medium	CC:	meissner, wolfgang.frisch
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/301305/
Whiteboard:	CVSSv3.1:SUSE:CVE-2021-33833:8.8:(AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Comment 3 Marcus Meissner 2021-06-05 14:54:14 UTC

CVE-2021-33833

Comment 4 Marcus Meissner 2021-06-05 14:57:23 UTC

CRD: 2021-06-09 8:00UTC

Comment 5 Marcus Meissner 2021-06-05 15:41:48 UTC

i notified linux-distros just now

Comment 6 Daniel Wagner 2021-06-07 17:36:05 UTC

https://build.suse.de/package/show/home:wagi:branches:SUSE:Factory:Head/connman

Comment 7 Marcus Meissner 2021-06-09 08:17:26 UTC

public

Comment 8 Marcus Meissner 2021-06-09 08:25:45 UTC

https://www.openwall.com/lists/oss-security/2021/06/09/1

Comment 9 Daniel Wagner 2022-01-25 10:44:17 UTC

Has been fixed by updating ConnMan to version 1.40.