Intel · Connman · CVE-2017-12865
**Name of the Vulnerable Software and Affected Versions**
connman versions 1.34 and earlier
**Description**
The issue is caused by a stack-based buffer overflow in the "dnsproxy.c" component. This can be exploited by a remote attacker using a specially crafted response query string passed to the `name` variable, potentially leading to a denial of service or the execution of arbitrary code.
**Recommendations**
For connman versions 1.34 and earlier, as a temporary workaround, consider restricting the use of the `dnsproxy.c` component until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.