Title: ConnMan: Multiple vulnerabilities ([glsa=202107-29]GLSA 202107-29[/glsa])
Severity: normal
Exploitable: remote
Date: 2021-07-12
Bug(s): #769491, #795084
ID: 202107-29
Synopsis
A buffer overflow in ConnMan might allow remote attacker(s) to
execute arbitrary code.
Background
ConnMan provides a daemon for managing Internet connections.
Affected Packages
Package: net-misc/connman
Vulnerable: < 1.40
Unaffected: >= 1.40
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in connman. Please review
the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ConnMan users should upgrade to the latest version:
Code: Select all
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/connman-1.40"
References
CVE-2021-26675
CVE-2021-26676
CVE-2021-33833