Strix
26.1K

CVE-2012-2322

UnknownEPSS 3.23%

Last modified

CVE-2012-2322 is a vulnerability of currently unknown severity. Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet.. EPSS estimates a 3.23% chance of exploitation in the next 30 days.

Description

Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet.

Metrics

EPSS Probability
3.23%

86.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ConnmanConnman<= 0.84
ConnmanConnman0.1
ConnmanConnman0.2
ConnmanConnman0.3
ConnmanConnman0.4
ConnmanConnman0.5
ConnmanConnman0.6
ConnmanConnman0.7
ConnmanConnman0.8
ConnmanConnman0.9
ConnmanConnman0.10
ConnmanConnman0.11
ConnmanConnman0.12
ConnmanConnman0.13
ConnmanConnman0.14
ConnmanConnman0.15
ConnmanConnman0.16
ConnmanConnman0.17
ConnmanConnman0.18
ConnmanConnman0.19
ConnmanConnman0.20
ConnmanConnman0.21
ConnmanConnman0.22
ConnmanConnman0.23
ConnmanConnman0.24
ConnmanConnman0.25
ConnmanConnman0.26
ConnmanConnman0.27
ConnmanConnman0.28
ConnmanConnman0.29
ConnmanConnman0.30
ConnmanConnman0.31
ConnmanConnman0.32
ConnmanConnman0.33
ConnmanConnman0.34
ConnmanConnman0.35
ConnmanConnman0.36
ConnmanConnman0.37
ConnmanConnman0.38
ConnmanConnman0.39
ConnmanConnman0.40
ConnmanConnman0.41
ConnmanConnman0.42
ConnmanConnman0.43
ConnmanConnman0.44
ConnmanConnman0.45
ConnmanConnman0.46
ConnmanConnman0.47
ConnmanConnman0.48
ConnmanConnman0.49

Showing 50 of 84 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-2322?
Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet.
How severe is CVE-2012-2322?
Severity scoring for CVE-2012-2322 is pending analysis. The EPSS model estimates a 3.23% probability of exploitation in the next 30 days.
How do I fix CVE-2012-2322?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-2322?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST