58 matches found
RLSA-2023:4569 Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...
RLSA-2023:4498 Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...
Avahi 资源管理错误漏洞
Avahi is a suite of native service discovery tools for Linux. A security vulnerability exists in Avahi that stems from the avahi-daemon process potentially crashing on the DBus message bus...
SUSE CVE-2008-3834
The dbussignaturevalidate function in the D-bus library libdbus before 1.2.4 allows remote attackers to cause a denial of service application abort via a message containing a malformed signature, which triggers a failed assertion error...
ALSA-2023:0335 Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets...
dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message with specific invalid type signatures...
Moderate: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
D-BUS 输入验证错误漏洞
D-BUS is a message bus system, which is mainly used for inter-process communication and remote procedure calls. A security vulnerability exists in D-BUS versions prior to 1.12.24-0+deb11u1, which stems from the inclusion of multiple vulnerabilities in D-Bus that can be exploited by an attacker to...
PT-2022-5137 · D-Bus +10 · D-Bus +10
Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.12.24 and earlier, 1.13.x, 1.14.x before 1.14.4, and 1.15.x before 1.15.2 Description: An issue was discovered in D-Bus where an authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when...
USN-5427-1 apport vulnerabilities
Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...
USN-5244-1 dbus vulnerability
Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...
Aptdaemon Security Vulnerabilities
Aptdaemon is a code library for pypi for individual developers. The library functions allow package management tasks to be performed in a DBus-controlled background process. A security vulnerability exists in Aptdaemon, which can be exploited by an attacker to trigger a denial of service via a...
EulerOS 2.0 SP2 : dbus (EulerOS-SA-2020-2339)
According to the version of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message...
Important: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
MGASA-2020-0262 Updated dbus packages fix security vulnerability
The updated packages fix a security vulnerability: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus o...
Updated dbus packages fix security vulnerability
The updated packages fix a security vulnerability: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus o...
Denial Of Service (DoS)
tcmu-runner is vulnerable to NULL pointer dereference. The vulnerability exists in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in...
Privilege Escalation
tcmu-runner is vulnerable to privilege escalation. The vulnerability exists in implementation of the CheckConfig method in handlerqcow.so of the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could use this flaw to leak arbitrary file names which might not be...