CVE-2025-32743

Description

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

CVSS v3.1 Score

9.0

CRITICAL

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Weakness Type (CWE)

CWE-392 CWE-392

References

Other References

https://lapis-sawfish-be3.notion.site/0-click-Vulnerability-in-Comman-1-43_v3-1cadc00d01d080b0b3b9c46a6da584cc https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1688

Frequently Asked Questions

What is CVE-2025-32743? +

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations. It has a CVSS v3.1 base score of 9.0 (CRITICAL).

How severe is CVE-2025-32743? +

CVE-2025-32743 has a CVSS v3.1 score of 9.0 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

How do I check if I'm vulnerable to CVE-2025-32743? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-42246

Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a …

CVE-2024-39697 8.6

phonenumber is a library for parsing, formatting and validating international phone numbers. Since 0.3.4, the phonenumber parsing code may panic …

CVE-2025-23270 7.1

NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive …

CVE-2024-12797 6.3

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server …

CVE-2025-26268 3.3

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. …

CVE-2025-59398 3.1

The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 …