
Bug 371261 (CVE-2011-2200)

Summary: <sys-apps/dbus-1.4.12: Local Denial of Service vulnerability: byteswapping a message doesn't change the byte-order mark (CVE-2011-2200)
Product: Gentoo Security Reporter: Samuli Suominen (RETIRED) <ssuominen>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: alexanderyt, freedesktop-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://bugs.freedesktop.org/show_bug.cgi?id=38120
Whiteboard: A3 [glsa]
Package list:
Runtime testing required: ---

Description Samuli Suominen (RETIRED) gentoo-dev 2011-06-12 13:12:21 UTC
All versions prior to 1.4.12 are vulnerable to a local denial of service vulnerability; no CVE assigned yet:

https://bugs.freedesktop.org/show_bug.cgi?id=38120
Comment 1 Samuli Suominen (RETIRED) gentoo-dev 2011-06-12 13:13:24 UTC
From NEWS:

D-Bus 1.4.12 (2011-06-10)
==

Security (local denial of service):

• Byte-swap foreign-endian messages correctly, preventing a long-standing
  local DoS if foreign-endian messages are relayed through the dbus-daemon
  (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7)
  (fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie)
Comment 2 Agostino Sarubbo gentoo-dev 2011-06-12 16:24:00 UTC
amd64 ok
Comment 3 Tim Sammut (RETIRED) gentoo-dev 2011-06-12 18:24:47 UTC
Thanks, Samuli. Just for the record ;)

Arches, please test and mark stable:
=sys-apps/dbus-1.4.12
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 4 Agostino Sarubbo gentoo-dev 2011-06-13 09:50:53 UTC
@Paweł

I think that for security bug(s) we can skip a test failure, so it shouldn't be a blocker.
Comment 5 Ian Delaney (RETIRED) gentoo-dev 2011-06-13 22:44:10 UTC
amd64:

Does fail test, already filed.  Unset test and emerge ok.
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2011-06-14 16:05:33 UTC
Stable for HPPA.
Comment 7 Markos Chandras (RETIRED) gentoo-dev 2011-06-17 18:47:20 UTC
amd64 done. Thanks Agostino and Ian
Comment 8 Brent Baude (RETIRED) gentoo-dev 2011-06-22 20:19:02 UTC
ppc done
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 00:06:34 UTC
CVE-2011-2200 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2200):
  The _dbus_header_byteswap function in dbus-marshal-header.c in D-Bus (aka
  DBus) 1.2.x before 1.2.28, 1.4.x before 1.4.12, and 1.5.x before 1.5.4 does
  not properly handle a non-native byte order, which allows local users to
  cause a denial of service (connection loss), obtain potentially sensitive
  information, or conduct unspecified state-modification attacks via crafted
  messages.
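
An added illustration of the flaw named in the CVE text above (not part of the bug thread and not D-Bus source code): a simplified C model of the 12-byte fixed message header, showing how the next parser misreads the body length when the fields are byteswapped but the byte-order mark is not. The function names, the constructed sample header, and the reduction to two integer fields are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of the 12-byte fixed part of a D-Bus message header:
 * [0] byte-order mark ('l' little, 'B' big), [1] type, [2] flags,
 * [3] protocol version, [4..7] body length, [8..11] serial. */
enum { HDR_LEN = 12, OFF_ORDER = 0, OFF_BODY_LEN = 4, OFF_SERIAL = 8 };

/* Read a uint32 the way a receiver does: trusting the byte-order mark. */
static uint32_t read_u32(const uint8_t *p, uint8_t order) {
    if (order == 'l')
        return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

static void swap_u32(uint8_t *p) {
    uint8_t t = p[0]; p[0] = p[3]; p[3] = t;
    t = p[1]; p[1] = p[2]; p[2] = t;
}

/* Pre-fix behaviour described in the bug: fields swapped, mark left alone. */
void byteswap_header_buggy(uint8_t *h) {
    swap_u32(h + OFF_BODY_LEN);
    swap_u32(h + OFF_SERIAL);
}

/* Corrected behaviour: the mark is updated together with the fields. */
void byteswap_header_fixed(uint8_t *h) {
    byteswap_header_buggy(h);
    h[OFF_ORDER] = (h[OFF_ORDER] == 'l') ? 'B' : 'l';
}

/* What the next parser in the chain believes the body length is. */
uint32_t declared_body_len(const uint8_t *h) {
    return read_u32(h + OFF_BODY_LEN, h[OFF_ORDER]);
}

/* Constructed sample: big-endian method call, body length 16, serial 1. */
static const uint8_t SAMPLE_BE[HDR_LEN] =
    { 'B', 1, 0, 1,  0, 0, 0, 16,  0, 0, 0, 1 };

int main(void) {
    uint8_t a[HDR_LEN], b[HDR_LEN];
    memcpy(a, SAMPLE_BE, HDR_LEN); byteswap_header_buggy(a);
    memcpy(b, SAMPLE_BE, HDR_LEN); byteswap_header_fixed(b);
    printf("buggy: mark=%c body_len=%u\n", a[0], (unsigned)declared_body_len(a));
    printf("fixed: mark=%c body_len=%u\n", b[0], (unsigned)declared_body_len(b));
    return 0;
}
```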
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2011-06-26 10:45:59 UTC
arm/ia64/s390/sh/sparc/x86 stable
Comment 11 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-07-03 11:26:01 UTC
ppc64 stable, last arch done
Comment 12 Tim Sammut (RETIRED) gentoo-dev 2011-07-03 15:44:52 UTC
Thanks, folks. Added to existing GLSA request.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-10-21 21:19:16 UTC
This issue was resolved and addressed in
 GLSA 201110-14 at http://security.gentoo.org/glsa/glsa-201110-14.xml
by GLSA coordinator Stefan Behte (craig).