Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2023-4569

Опубликовано: 10 авг. 2023
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2023-4569: dbus security update (MODERATE)

[1:1.12.20-7.0.1.1]

  • Fix CVE-2023-34969 (#2213402)

[1.12.20-7.0.1]

  • fix netlink poll: error 4 (Zhenzhong Duan)

[1:1.12.20-7]

  • Fix CVE-2022-42010 (#2133647)
  • Fix CVE-2022-42011 (#2133641)
  • Fix CVE-2022-42012 (#2133635)

[1:1.12.20-6]

  • Override upstream sysusers.d confguration (#2118226)

[1:1.12.20-5]

  • Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

dbus

1.12.20-7.0.1.el9_2.1

dbus-common

1.12.20-7.0.1.el9_2.1

dbus-daemon

1.12.20-7.0.1.el9_2.1

dbus-devel

1.12.20-7.0.1.el9_2.1

dbus-libs

1.12.20-7.0.1.el9_2.1

dbus-tools

1.12.20-7.0.1.el9_2.1

dbus-x11

1.12.20-7.0.1.el9_2.1

Oracle Linux x86_64

dbus

1.12.20-7.0.1.el9_2.1

dbus-common

1.12.20-7.0.1.el9_2.1

dbus-daemon

1.12.20-7.0.1.el9_2.1

dbus-devel

1.12.20-7.0.1.el9_2.1

dbus-libs

1.12.20-7.0.1.el9_2.1

dbus-tools

1.12.20-7.0.1.el9_2.1

dbus-x11

1.12.20-7.0.1.el9_2.1

Связанные CVE

CVE-2023-34969

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-34969

CVSS3: 6.5
ubuntu
около 2 лет назад

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.

redhat логотип

CVE-2023-34969

CVSS3: 6.2
redhat
около 2 лет назад

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.

nvd логотип

CVE-2023-34969

CVSS3: 6.5
nvd
около 2 лет назад

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.

msrc логотип

CVE-2023-34969

CVSS3: 6.5
msrc
около 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-34969

CVSS3: 6.5
debian
около 2 лет назад

D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus- ...