Description

In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.

INFO

Published Date :

2025-04-05T00:00:00.000Z

Last Modified :

2025-04-15T15:15:06.273Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-32366 vulnerability.

Vendors Products
Connman
  • Connman
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-32366.

URL Resource
https://lapis-sawfish-be3.notion.site/0-day-Comman-memory-Leak-190dc00d01d080688472d322c93c4340 cve-icon cve-icon
https://web.archive.org/web/20250410130356/https://lapis-sawfish-be3.notion.site/0-day-Comman-memory-Leak-190dc00d01d080688472d322c93c4340 cve-icon cve-icon
https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1001 cve-icon cve-icon
https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n988 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact