Summary: | <sys-apps/dbus-1.8.8: Multiple vulnerabilities (CVE-2014-{3635,3636,3637,3638,3639}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.8 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Samuli Suominen (RETIRED)
2014-09-17 06:07:22 UTC
Please test and stabilize: =sys-apps/dbus-1.8.8 alpha amd64 arm hppa ia64 ppc ppc64 sparc x86

Stable for HPPA.

amd64 stable

x86 stable

sparc stable

ppc64 stable

alpha stable

arm stable

ia64 stable

CVE-2014-3639 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3639): The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.

CVE-2014-3638 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3638): The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.

CVE-2014-3637 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3637): D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-Bus message containing a D-Bus connection file descriptor.

CVE-2014-3635 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3635): Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows remote attackers to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.

ppc stable.

Maintainer(s), please clean up. Security, please add it to the existing request, or file a new one.

Added to existing GLSA draft.

This issue was resolved and addressed in GLSA 201412-12 at http://security.gentoo.org/glsa/glsa-201412-12.xml by GLSA coordinator Mikle Kolyada (Zlogene).