Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP3 package connman, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (16)
CVE-2022-32292 — CVSS 9.8 (critical): In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow…
CVE-2022-32293 — CVSS 8.1 (high): In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling…
CVE-2021-45485 — CVSS 7.5 (high): In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a…
CVE-2021-43975 — CVSS 6.7 (medium): In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an…
CVE-2021-28712 — CVSS 6.5 (medium): Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains…
CVE-2021-28713 — CVSS 6.5 (medium): Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains…
CVE-2021-28714 — CVSS 6.5 (medium): Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text…
CVE-2021-28715 — CVSS 6.5 (medium): Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text…
CVE-2021-28711 — CVSS 6.5 (medium): Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains…
CVE-2020-24504 — CVSS 5.5 (medium): Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated…
CVE-2021-33098 — CVSS 5.5 (medium): Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to…
CVE-2020-27820 — CVSS 4.7 (medium): A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that…
CVE-2021-43976 — CVSS 4.6 (medium): In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a…
CVE-2021-4002 — CVSS 4.4 (medium): A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using…
CVE-2021-4001 — CVSS 4.1 (medium): A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in…
CVE-2021-45486 — CVSS 3.5 (low): In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.