4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.6%
D-Bus is a system for sending messages between applications. It is used for
the system-wide message bus service and as a per-user-login-session
messaging facility.
A denial of service flaw was found in the way the D-Bus library handled
endianness conversion when receiving messages. A local user could use this
flaw to send a specially-crafted message to dbus-daemon or to a service
using the bus, such as Avahi or NetworkManager, possibly causing the
daemon to exit or the service to disconnect from the bus. (CVE-2011-2200)
All users are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue. For the update to take effect, all
running instances of dbus-daemon and all running applications using the
libdbus library must be restarted, or the system rebooted.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | ppc64 | dbus | < 1.2.24-5.el6_1 | dbus-1.2.24-5.el6_1.ppc64.rpm |
RedHat | 5 | s390 | dbus | < 1.1.2-16.el5_7 | dbus-1.1.2-16.el5_7.s390.rpm |
RedHat | 6 | ppc64 | dbus-devel | < 1.2.24-5.el6_1 | dbus-devel-1.2.24-5.el6_1.ppc64.rpm |
RedHat | 6 | noarch | dbus-doc | < 1.2.24-5.el6_1 | dbus-doc-1.2.24-5.el6_1.noarch.rpm |
RedHat | 5 | ia64 | dbus | < 1.1.2-16.el5_7 | dbus-1.1.2-16.el5_7.ia64.rpm |
RedHat | 5 | ia64 | dbus-x11 | < 1.1.2-16.el5_7 | dbus-x11-1.1.2-16.el5_7.ia64.rpm |
RedHat | 6 | s390x | dbus-debuginfo | < 1.2.24-5.el6_1 | dbus-debuginfo-1.2.24-5.el6_1.s390x.rpm |
RedHat | 5 | i386 | dbus-x11 | < 1.1.2-16.el5_7 | dbus-x11-1.1.2-16.el5_7.i386.rpm |
RedHat | 6 | x86_64 | dbus-debuginfo | < 1.2.24-5.el6_1 | dbus-debuginfo-1.2.24-5.el6_1.x86_64.rpm |
RedHat | 5 | ia64 | dbus-libs | < 1.1.2-16.el5_7 | dbus-libs-1.1.2-16.el5_7.ia64.rpm |