CVE-2012-2322

Priority
Medium
Description
Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in
ConnMan before 0.85 allows remote attackers to cause a denial of service
(infinite loop and crash) via an invalid length value in a DHCP packet.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2322
http://www.openwall.com/lists/oss-security/2012/05/07
Bugs
https://bugzilla.novell.com/show_bug.cgi?id=715172
Package
Source: connman (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):needed
Ubuntu 11.10 (Oneiric Ocelot):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 12.10 (Quantal Quetzal):needed
Ubuntu 13.04 (Raring Ringtail):needed
Ubuntu 13.10 (Saucy Salamander):needed
More Information

Valid XHTML 1.0 Strict

Updated: 2013-05-09 15:16:29 UTC (commit 6824)