Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#3993 closed enhancement (fixed)

dbus-1.10.12 (CVE-2015-0245)

Reported by: bdubbs@… Owned by: Douglas R. Reno
Priority: high Milestone: 8.0
Component: Book Version: SVN
Severity: normal Keywords:

Description (last modified by Samuel)

New point version.

Security fixes:

• Do not treat ActivationFailure message received from root-owned
  systemd name as a format string. In principle this is a security
  vulnerability, but we do not believe it is exploitable in practice,
  because only privileged processes can own the
  org.freedesktop.systemd1 bus name, and systemd does not appear to
  send activation failures that contain "%".

  Please note that this probably *was* exploitable in dbus versions
  older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at
  the time was only thought to be a denial of service vulnerability
  (CVE-2015-0245). If you are still running one of those versions,
  patch or upgrade immediately.

  (fd.o #98157, Simon McVittie)

Change History (5)

comment:1 by Samuel, 5 years ago

Description: modified (diff)
Priority: normalhigh
Type: taskenhancement

It has come to my attention through the BLFS ticket #8424 that there is a security flaw in the versions before.

comment:2 by Douglas R. Reno, 5 years ago

Summary: dbus-1.10.12dbus-1.10.12 (CVE-2015-0245)

Added the CVE number to the title to aid in my research.

comment:3 by Douglas R. Reno, 5 years ago

Owner: changed from lfs-book@… to Douglas R. Reno
Status: newassigned

Will update this while building my workstation.

comment:4 by Douglas R. Reno, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r11137

comment:5 by bdubbs@…, 5 years ago

Milestone: 7.118.0

Milestone renamed

Note: See TracTickets for help on using tickets.