ASA-202102-24 log generated external raw

[ASA-202102-24] connman: multiple issues
Arch Linux Security Advisory ASA-202102-24 ========================================== Severity: Critical Date : 2021-02-12 CVE-ID : CVE-2021-26675 CVE-2021-26676 Package : connman Type : multiple issues Remote : Yes Link : Summary ======= The package connman before version 1.39-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========== Upgrade to 1.39-1. # pacman -Syu "connman>=1.39-1" The problems have been fixed upstream in version 1.39. Workaround ========== None. Description =========== - CVE-2021-26675 (arbitrary code execution) A security issue was found in connman 1.38. A stack buffer overflow can be used to execute code by network adjacent attackers. - CVE-2021-26676 (information disclosure) A security issue was found in connman 1.38. A stack information leak from an uninitialised variable can lead to information disclosure to a remote attacker. This information can be used to help exploiting CVE-2021-26675 reliably. Impact ====== A network adjacent attacker can execute arbitrary code on the affected host. References ==========