CVE-2023-28488 Information

Description

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service terminating the connman process.

Reference

https://github.com/moehw/poc_exploits/tree/master/CVE-2023-28488 https://kernel.googlesource.com/pub/scm/network/connman/connman/+/99e2c16ea1cced34a5dc450d76287a1c3e762138