4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Simon McVittie reports:
Do not accept an extra fd in the padding of a cmsg message,
which could lead to a 4-byte heap buffer overrun
(CVE-2014-3635).
Reduce default for maximum Unix file descriptors passed per
message from 1024 to 16, preventing a uid with the default
maximum number of connections from exhausting the system
bus’ file descriptors under Linux’s default rlimit
(CVE-2014-3636).
Disconnect connections that still have a fd pending
unmarshalling after a new configurable limit,
pending_fd_timeout (defaulting to 150 seconds), removing
the possibility of creating an abusive connection that
cannot be disconnected by setting up a circular reference
to a connection’s file descriptor (CVE-2014-3637).
Reduce default for maximum pending replies per connection
from 8192 to 128, mitigating an algorithmic complexity
denial-of-service attack (CVE-2014-3638).
Reduce default for authentication timeout on the system
bus from 30 seconds to 5 seconds, avoiding denial of service
by using up all unauthenticated connection slots; and when
all unauthenticated connection slots are used up, make new
connection attempts block instead of disconnecting them
(CVE-2014-3639).