CVE-2025-32743

by Fred · 10/04/2025

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

Assigner : cve@mitre.org

More information : https://lapis-sawfish-be3.notion.site/0-click-Vulnerability-in-Comman-1-43_v3-1cadc00d01d080b0b3b9c46a6da584cc

CVE-2025-32743

Similar

Recent Posts

Categories

CVE-2025-32743

Share this:

Similar

Recent Posts

Categories

Tags