In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code. Reference and upstream patch: https://lore.kernel.org/connman/20220801080043.4861-5-wagi@monom.org/
Created connman tracking bugs for this issue: Affects: epel-7 [bug 2151676]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.