VDB
CVE-2021-26675
CVE-2021-26675
PUBLISHED
A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.
EPSS 0.19% · 40.1th percentile
Risk Scores
EPSS Score
0.19%
40.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:18.04:LTS | connman | 1.35-1, 1.35-2, 1.35-6 |
| Ubuntu:20.04:LTS | connman | 0, 1.36-2build1 |
Timeline
- Feb 9, 2021 CVE Published
- Feb 9, 2021 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-26675 third-party-advisory
- https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb third-party-advisory
- https://bugzilla.suse.com/show_bug.cgi?id=1181751 third-party-advisory
- https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/02/08/2 third-party-advisory
- https://ubuntu.com/security/notices/USN-6236-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-26675 third-party-advisory