CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42010 – dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets
https://notcve.org/view.php?id=CVE-2022-42010
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados cuando reciben un mensaje con determinadas firmas de tipo no válido A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message with specific invalid type signatures. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/418 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42011 – dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type
https://notcve.org/view.php?id=CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados cuando reciben un mensaje en el que la longitud de un array es inconsistente con el tamaño del tipo de elemento A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/413 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-129: Improper Validation of Array Index CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42012 – dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly
https://notcve.org/view.php?id=CVE-2022-42012
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados al enviar un mensaje con descriptores de archivo adjuntos en un formato no esperado A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/417 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2CVE-2020-12049 – dbus: denial of service via file descriptor leak
https://notcve.org/view.php?id=CVE-2020-12049
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients. Se detectó un problema en dbus versiones posteriores a 1.3.0 e incluyéndola y anteriores a 1.12.18. El DBusServer en libdbus, como es usado en dbus-daemon, filtra los descriptores de archivo cuando un mensaje excede el límite del descriptor de archivo por mensaje. • http://packetstormsecurity.com/files/172840/D-Bus-File-Descriptor-Leak-Denial-Of-Service.html http://www.openwall.com/lists/oss-security/2020/06/04/3 https://gitlab.freedesktop.org/dbus/dbus/-/issues/294 https://gitlab.freedesktop.org/dbus/dbus/-/tags/dbus-1.10.30 https://gitlab.freedesktop.org/dbus/dbus/-/tags/dbus-1.12.18 https://gitlab.freedesktop.org/dbus/dbus/-/tags/dbus-1.13.16 https://security.gentoo.org/glsa/202007-46 https://securitylab.github& • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2019-12749 – dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass
https://notcve.org/view.php?id=CVE-2019-12749
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. dbus anterior a versión 1.10.28, versión 1.12.x anterior a 1.12.16, y versión 1.13.x anterior a 1.13.12, como es usado en DBusServer en Canonst Upstart en Ubuntu versión 14.04 (y en algunos usos menos comunes de demonio dbus), permite suplantación de identidad de cookie debido al manejo inapropiado de enlaces simbólicos (symlink) en la implementación de referencia de DBUS_COOKIE_SHA1 en la biblioteca libdbus. (Esto solo afecta el mecanismo de autenticación DBUS_COOKIE_SHA1). • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00092.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00026.html http://www.openwall.com/lists/oss-security/2019/06/11/2 http://www.securityfocus.com/bid/108751 https://access.redhat.com/errata/RHSA-2019:1726 https://access.redhat.com/errata/RHSA-2019:2868 https://access.redhat.com/errata/RHSA-2019:2870 https://access.red • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-287: Improper Authentication •