Lucene search

Gentoo FoundationGLSA-201412-12

HistoryDec 13, 2014 - 12:00 a.m.

D-Bus: Multiple Vulnerabilities

2014-12-1300:00:00

Gentoo Foundation

security.gentoo.org

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

35.7%

JSON

Background

D-Bus is a message bus system, a simple way for applications to talk to one another.

Description

Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details.

Impact

A local attacker could possibly cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All D-Bus users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=sys-apps/dbus-1.8.10"

OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-apps/dbus< 1.8.10UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	sys-apps/dbus	< 1.8.10	UNKNOWN

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

35.7%

JSON

Related for GLSA-201412-12