CVE-2023-28488

NameCVE-2023-28488
Descriptionclient.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3397-1, DSA-5416-1
Debian Bugs1034393

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
connman (PTS)bullseye (security), bullseye1.36-2.2+deb11u2fixed
bookworm1.41-3fixed
trixie1.44-3fixed
forky, sid1.45-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
connmansourcebuster1.36-2.1~deb10u5DLA-3397-1
connmansourcebullseye1.36-2.2+deb11u2DSA-5416-1
connmansource(unstable)1.41-31034393

Notes

https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=99e2c16ea1cced34a5dc450d76287a1c3e762138
Search for package or bug name: Reporting problems