Sorry, you need to enable JavaScript to visit this website.

ConnMan Project Connection Manager Daemon Buffer Overflow

Intel ID: INTEL-OSS-10001
Product family: ConnMan (Open source package, Connection Manager)
Imact of vulnerability: Code execution, Denial of service
Severity rating: High
Original release: 08/29/2017
Last revised: 08/29/2017
CVE: CVE-2017-5716


Buffer overflow in ConnMan Project connection manager daemon version 1.34 and earlier allows a remote attacker to conduct a denial of service via malformed DNS packets.


ConnMan Version 1.34 and earlier is vulnerable to a buffer overflow in the connection manager daemon (connmand) resulting in denial of service and potential remote code execution. Malformed DNS packet can result in a buffer overflow in the connection manager daemon’s DNS proxy service, resulting in service crash or remote code execution at the privilege of the service. The connection manager is not vulnerable if it is running with DNS proxy disabled (default is enabled).

CVSS v3: 8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Affected Products

ConnMan Release 1.34 or earlier.


Intel highly recommends that users update to at least Release 1.35 of ConnMan available at


Intel would like to thank the following researchers for reporting this issue and working with us on coordinated disclosure.

Daisuke Noguchi
Yousuke Nishibata
NRI SecureTechnologies, Ltd.