19 matches found
EUVD-2020-4365
Malware in sbrugna...
SUSE CVE-2019-15718
In systemd 240, busopensystemwatchbindwithdescription in shared/bus-util.c as used by systemd-resolved to connect to the system D-Bus instance, calls sdbussettrusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...
DLA-3628-1 dbus - security update
Bulletin has no description...
dbus security update
1:1.12.20-7.0.1.1 - Fix CVE-2023-34969 2213402 1.12.20-7.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.20-7 - Fix CVE-2022-42010 2133647 - Fix CVE-2022-42011 2133641 - Fix CVE-2022-42012 2133635 1:1.12.20-6 - Override upstream sysusers.d confguration 2118226 1:1.12.20-5 - Rebuilt for IMA...
DSA-5250-1 dbus - security update
Bulletin has no description...
SUSE-SU-2021:2470-1 Security update for dbus-1
This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion bsc1172505...
MGASA-2020-0262 Updated dbus packages fix security vulnerability
The updated packages fix a security vulnerability: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus o...
SUSE-SU-2019:2820-2 Security update for dbus-1
This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUSCOOKIESHA1 which could have allowed local attackers to bypass authentication bsc1137832...
OPENSUSE-SU-2019:1750-1 Security update for dbus-1
This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUSCOOKIESHA1 which could have allowed local attackers to bypass authentication bsc1137832. This update was imported from the SUSE:SLE-15-SP1:Update update project...
SUSE-SU-2019:1597-1 Security update for dbus-1
This update for dbus-1 fixes the following issue: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUSCOOKIESHA1 which could have allowed local attackers to bypass authentication bsc1137832...
SUSE-SU-2017:0695-1 Recommended update for dbus-1
This update for dbus-1 fixes the following issues: Security issues fixed: - Symlink attack in nonce-tcp transport. bsc1025950 - Symlink attack in unit tests. bsc1025951 Bugfixes: - Remove sysvinit script, not used under systemd. bsc974092...
Updated dbus packages fix security vulnerabilities
non-systemd processes can make dbus-daemon think systemd failed to activate a system service, resulting in an error reply back to the requester, causing a local denial of service CVE-2015-0245...
Mandriva Linux Security Advisory : dbus (MDVSA-2014:214)
Updated dbus packages fixes the following security issues : Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon : On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or...
MGASA-2014-0395 Updated dbus packages fix multiple security vulnerabilities
Updated dbus packages fixes the following security issues: Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon: On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or...
[SECURITY] [DSA 2971-1] dbus security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2971-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq -...
CVE-2014-3532
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service system-bus disconnect of other services or applications by sending a message containing a file descriptor, then exceeding the maximum recursion depth before...
dbus security update
1:1.2.24-7.0.1.el63 - fix netlink poll: error 4 Zhenzhong Duan 1:1.2.24-7 - Resolves: 854821 1:1.2.24-6 - Apply patches for CVE-2011-2200 - Resolves: 725314...
USN-727-2: NetworkManager vulnerability
USN-727-1 fixed vulnerabilities in network-manager-applet. This advisory provides the corresponding updates for NetworkManager. It was discovered that NetworkManager did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view system and...
dbus security policy circumvention
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes sendinterface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface...