4 matches found
CVE-2024-1930 affecting package dnf5 for versions less than 5.1.11-2
CVE-2024-1930 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...
CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...
CVE-2024-1930
The CVE-2024-1930 issue affects dnf5daemon-server and is triggered by an unlimited number of sessions created via the D-Bus open_session() method. Each session spawns a thread, consuming memory (hundreds of MB per session), which can exhaust resources and render the service unable to accept new c...
CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...