VDB
CVE-2021-26676
CVE-2021-26676
PUBLISHED
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
EPSS 0.10% · 26.5th percentile
Risk Scores
EPSS Score
0.10%
26.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | connman | 0, 1.36-2build1 |
| Ubuntu:Pro:18.04:LTS | connman | 0, 1.35-1, 1.35-6 |
| Ubuntu:Pro:16.04:LTS | connman | 0, 1.21-1.2, 1.21-1.2build1 |
Timeline
- Feb 9, 2021 CVE Published
- Feb 9, 2021 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-26676 third-party-advisory
- https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa third-party-advisory
- https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1 third-party-advisory
- https://bugzilla.suse.com/show_bug.cgi?id=1181751 third-party-advisory
- https://git.kernel.org/pub/scm/network/connman/connman.git/tree/ChangeLog third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/02/08/2 third-party-advisory
- https://ubuntu.com/security/notices/USN-6236-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-26676 third-party-advisory