Red Hat Bugzilla – Bug 1483720
CVE-2017-12865 connman: Stack-based buffer overflow in parse_response function in src/dnsproxy.c
Last modified: 2017-08-21 15:34:54 EDT
A flaw was found in ConnMan 1.34 and earlier. Connman DNS-proxy feature forwards DNS queries from the localhost to an external DNS server. The DNS resonse handled from an external DNS server may cause a remote denial-of-service or possibly remote code execution if malformed. The flaw is in the lenght of the variable "name" in src/dnsproxy.c.
Created connman tracking bugs for this issue:
Affects: epel-7 [bug 1483721]
Affects: fedora-all [bug 1483722]