- Description
- In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- cve@mitre.org
- CWE-392
- Hype score
- Not currently trending
🚨 CVE-2025-32743 ⚠️🔴 CRITICAL (9) 🏢 ConnMan - ConnMan 🏗️ 0 🔗 https://t.co/zjXJsViReY 🔗 https://t.co/3MhTBJ1vsc #CyberCron #VulnAlert #InfoSec https://t.co/vIm9MS1q2V
@cybercronai
10 Apr 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-32743 | ConnMan up to 1.44 DNS Response dnsproxy.c ns_resolv lookup error condition) has been published on https://t.co/GwYDQotvaC
@WolfgangSesin
10 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32743 In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows… https://t.co/5editqqh78
@CVEnew
10 Apr 2025
380 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-32743: CRITICAL] Vulnerability in ConnMan through 1.44 allows attackers to trigger denial of service or execute arbitrary code by manipulating DNS responses. #CyberSecurity#cybersecurity,#vulnerability https://t.co/zHw8fKVNCR https://t.co/LE2HR16MC3
@CveFindCom
10 Apr 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes