What is the vulnerability ID for the DBus vulnerability?

The vulnerability ID for the DBus vulnerability is USN-4398-1.

What is the impact of the DBus vulnerability?

The DBus vulnerability can allow a local attacker to cause DBus to crash, resulting in a denial of service.

Which software versions and packages are affected by the DBus vulnerability?

The DBus vulnerability affects Ubuntu 20.04 with dbus package version 1.12.16-2ubuntu2.1, Ubuntu 20.04 with libdbus-1-3 package version 1.12.16-2ubuntu2.1, Ubuntu 19.10 with dbus package version 1.12.14-1ubuntu2.1, Ubuntu 19.10 with libdbus-1-3 package version 1.12.14-1ubuntu2.1, Ubuntu 18.04 with dbus package version 1.12.2-1ubuntu1.2, Ubuntu 18.04 with libdbus-1-3 package version 1.12.2-1ubuntu1.2, Ubuntu 16.04 with dbus package version 1.10.6-1ubuntu3.6, and Ubuntu 16.04 with libdbus-1-3 package version 1.10.6-1ubuntu3.6.

How can I fix the DBus vulnerability?

To fix the DBus vulnerability, you need to update the affected packages to the specified remedy versions provided by Ubuntu.

Where can I find more information about the DBus vulnerability?

You can find more information about the DBus vulnerability on the Ubuntu security website and the provided references.

Vulnerability/
USN-4398-1

16/6/2020

USN-4398-1: DBus vulnerability

First published: Tue Jun 16 2020(Updated: )

Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

Affected Software	Affected Version	How to fix
All of
ubuntu/dbus	<1.12.16-2ubuntu2.1	1.12.16-2ubuntu2.1
	=20.04
All of
ubuntu/libdbus-1-3	<1.12.16-2ubuntu2.1	1.12.16-2ubuntu2.1
	=20.04
All of
ubuntu/dbus	<1.12.14-1ubuntu2.1	1.12.14-1ubuntu2.1
	=19.10
All of
ubuntu/libdbus-1-3	<1.12.14-1ubuntu2.1	1.12.14-1ubuntu2.1
	=19.10
All of
ubuntu/dbus	<1.12.2-1ubuntu1.2	1.12.2-1ubuntu1.2
	=18.04
All of
ubuntu/libdbus-1-3	<1.12.2-1ubuntu1.2	1.12.2-1ubuntu1.2
	=18.04
All of
ubuntu/dbus	<1.10.6-1ubuntu3.6	1.10.6-1ubuntu3.6
	=16.04
All of
ubuntu/libdbus-1-3	<1.10.6-1ubuntu3.6	1.10.6-1ubuntu3.6
	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2020-12049

Frequently Asked Questions

What is the vulnerability ID for the DBus vulnerability?
The vulnerability ID for the DBus vulnerability is USN-4398-1.
What is the impact of the DBus vulnerability?
The DBus vulnerability can allow a local attacker to cause DBus to crash, resulting in a denial of service.
Which software versions and packages are affected by the DBus vulnerability?
The DBus vulnerability affects Ubuntu 20.04 with dbus package version 1.12.16-2ubuntu2.1, Ubuntu 20.04 with libdbus-1-3 package version 1.12.16-2ubuntu2.1, Ubuntu 19.10 with dbus package version 1.12.14-1ubuntu2.1, Ubuntu 19.10 with libdbus-1-3 package version 1.12.14-1ubuntu2.1, Ubuntu 18.04 with dbus package version 1.12.2-1ubuntu1.2, Ubuntu 18.04 with libdbus-1-3 package version 1.12.2-1ubuntu1.2, Ubuntu 16.04 with dbus package version 1.10.6-1ubuntu3.6, and Ubuntu 16.04 with libdbus-1-3 package version 1.10.6-1ubuntu3.6.
How can I fix the DBus vulnerability?
To fix the DBus vulnerability, you need to update the affected packages to the specified remedy versions provided by Ubuntu.
Where can I find more information about the DBus vulnerability?
You can find more information about the DBus vulnerability on the Ubuntu security website and the provided references.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
anchor-related/USN-4398-2
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/20.04
version/ubuntu ubuntu/19.10
version/ubuntu ubuntu/18.04
version/ubuntu ubuntu/16.04