10 matches found
EulerOS 2.0 SP2 : dbus (EulerOS-SA-2020-2339)
According to the version of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message...
MGASA-2020-0262 Updated dbus packages fix security vulnerability
The updated packages fix a security vulnerability: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus o...
Updated dbus packages fix security vulnerability
The updated packages fix a security vulnerability: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus o...
Privilege Escalation
tcmu-runner is vulnerable to privilege escalation. The vulnerability exists in implementation of the CheckConfig method in handlerqcow.so of the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could use this flaw to leak arbitrary file names which might not be...
Denial Of Service (DoS)
tcmu-runner is vulnerable to NULL pointer dereference. The vulnerability exists in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in...
NULL Pointer Dereference
tcmu-runner is vulnerable to NULL pointer dereference. The vulnerability exists in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to...
OPENSUSE-SU-2019:1246-1 Security update for blueman
This update for blueman fixes the following issues: The following security issue was addressed: - Fixed the polkit authorization checks in blueman, which previously allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authenticatio...
MGASA-2018-0414 Updated blueman packages fix security vulnerability
Flawed polkit authorization checks in blueman allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authentication boo1083066...
CVE-2017-1000200
A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call the UnregisterHandler method with the name of a handler loaded internally in tcmu-runner via dlopen to trigger DoS...
CVE-2017-1000201
A NULL pointer dereference flaw was found in the UnregisterHandler method implemented in the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could call UnregisterHandler method with non-existing tcmu handler as paramater to trigger DoS...