Описание
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | dbus | Out of support scope | ||
| Red Hat Enterprise Linux 7 | dbus | Out of support scope | ||
| Red Hat Enterprise Linux 8 | dbus | Fixed | RHSA-2023:0096 | 12.01.2023 |
| Red Hat Enterprise Linux 8 | dbus | Fixed | RHSA-2023:0096 | 12.01.2023 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | dbus | Fixed | RHSA-2022:8812 | 06.12.2022 |
| Red Hat Enterprise Linux 9 | dbus | Fixed | RHSA-2023:0335 | 23.01.2023 |
| Red Hat Enterprise Linux 9 | dbus | Fixed | RHSA-2023:0335 | 23.01.2023 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | dbus | Fixed | RHSA-2022:8977 | 13.12.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x bef ...
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
EPSS
6.5 Medium
CVSS3