CVE-2021-33833 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	A security issue has been found in the dnsproxy component of connman in releases 1.32 to 1.39. Unpacking of NAME and RDATA/RDLENGTH fields with TYPE A/AAAA in the uncompress function uses a memcpy with insufficient bounds checking, which can overflow a stack buffer.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2055	connman	1.39-1	1.40-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
16 Jun 2021	ASA-202106-44	AVG-2055	connman	High	arbitrary code execution

References
https://www.openwall.com/lists/oss-security/2021/06/09/1 https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c