Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 8 Feb 2021 10:11:05 +0100
From: Marcus Meissner <>
To: OSS Security List <>
Subject: Remote code execution in connman


Tesla has reported a remote (adjacent network) code execution flaw in
connman, a lightweight network manager, to our SUSE colleage and
connman upstream maintainer Daniel Wagner,

Mitre has assigned CVE-2021-26675.

The commit fixes a stack buffer overflow that can be used to execute code by network adjacent attackers.

Mitre has assigned CVE-2021-26676

Remote stack information leak which can be used to help execute CVE-2021-26675 reliably.

Ciao, Marcus

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.