VDB
CVE-2021-33833
CVE-2021-33833
PUBLISHED
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
EPSS 0.16% · 36.0th percentile
Risk Scores
EPSS Score
0.16%
36.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | connman | 0, 1.36-2build1 |
| Ubuntu:Pro:18.04:LTS | connman | 0, 1.35-1, 1.35-6 |
Exploit Intelligence
- http://www.openwall.com/lists/oss-security/2022/01/25/1 (nist-nvd)
- https://lore.kernel.org/connman/ (circl)
- [oss-security] 20210609 connman stack buffer overflow in dnsproxy CVE-2021-33833 (circl)
- GLSA-202107-29 (circl)
- [debian-lts-announce] 20220209 [SECURITY] [DLA 2915-1] connman security update (circl)
Timeline
- Jun 9, 2021 CVE Published
- Jun 10, 2021 EPSS Score
- Aug 11, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 25, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 9, 2022 EPSS Score
- Apr 11, 2022 EPSS Score
- Jun 11, 2022 EPSS Score
- Aug 12, 2022 EPSS Score
- Oct 11, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-33833 third-party-advisory
- https://seclists.org/oss-sec/2021/q2/196 third-party-advisory
- https://ubuntu.com/security/notices/USN-6236-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-33833 third-party-advisory