Advisory Published
CVE Published
Updated

CVE-2021-26676

First published: Tue Feb 09 2021(Updated: )

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Intel Connman<1.39
Debian Debian Linux=9.0
Debian Debian Linux=10.0
openSUSE Leap=15.2
debian/connman
1.36-2.1~deb10u2
1.36-2.1~deb10u5
1.36-2.2+deb11u2
1.41-3
1.42-5
ubuntu/connman<1.36-2.1
1.36-2.1
ubuntu/connman<1.21-1.2+
1.21-1.2+
ubuntu/connman<1.35-6ubuntu0.1~
1.35-6ubuntu0.1~
ubuntu/connman<1.36-2ubuntu0.1
1.36-2ubuntu0.1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is CVE-2021-26676?

    CVE-2021-26676 is a vulnerability in gdhcp in ConnMan before version 1.39 that could be used by network-adjacent attackers to leak sensitive stack information.

  • How can CVE-2021-26676 be exploited?

    CVE-2021-26676 can be exploited by network-adjacent attackers to leak sensitive stack information, which can then be used to further exploit bugs in gdhcp.

  • Which software versions are affected by CVE-2021-26676?

    ConnMan versions before 1.39 are affected by CVE-2021-26676.

  • What is the remedy for CVE-2021-26676 in Debian?

    For Debian, updating to ConnMan version 1.41-3 or higher will remedy CVE-2021-26676.

  • What is the remedy for CVE-2021-26676 in Ubuntu?

    The remedy for CVE-2021-26676 in Ubuntu depends on the specific version. Please refer to the provided references for more information.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203