Wind River Support Network

HomeDefectsLIN1022-14744
Acknowledged

LIN1022-14744 : Security Advisory - connman - CVE-2025-32743

Created: Apr 10, 2025    Updated: Jun 9, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

CREATE(Triage):(User=admin) CVE-2025-32743 (https://nvd.nist.gov/vuln/detail/CVE-2025-32743)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube