First published: Sat Jul 19 2014(Updated: )
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Freedesktop Dbus | >=1.3.0<1.6.22 | |
Freedesktop Dbus | >=1.8.0<1.8.6 | |
Any of | ||
Linux Linux kernel | >=2.6.38 | |
Linux Linux kernel | =2.6.37 | |
Linux Linux kernel | =2.6.37-rc4 | |
Linux Linux kernel | =2.6.37-rc5 | |
Linux Linux kernel | =2.6.37-rc6 | |
Linux Linux kernel | =2.6.37-rc7 | |
Linux Linux kernel | =2.6.37-rc8 | |
openSUSE openSUSE | =12.3 | |
Debian Debian Linux | =7.0 | |
Mageia Mageia | =3.0 | |
Mageia Mageia | =4.0 | |
Oracle Solaris | =11.3 | |
D-bus Project D-bus | >=1.3.0<1.6.22 | |
D-bus Project D-bus | >=1.8.0<1.8.6 | |
Linux Linux kernel | >=2.6.38 | |
Linux Linux kernel | =2.6.37 | |
Linux Linux kernel | =2.6.37-rc4 | |
Linux Linux kernel | =2.6.37-rc5 | |
Linux Linux kernel | =2.6.37-rc6 | |
Linux Linux kernel | =2.6.37-rc7 | |
Linux Linux kernel | =2.6.37-rc8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.