Vulnerability Description
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://lapis-sawfish-be3.notion.site/0-click-Vulnerability-in-Comman-1-43_v3-1c
- https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy
FAQ
What is CVE-2025-32743?
CVE-2025-32743 is a vulnerability with a CVSS score of 9.0 (CRITICAL). In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of se...
How severe is CVE-2025-32743?
CVE-2025-32743 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-32743?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.