Colin Walters

Name of the Vulnerable Software and Affected Versions tar.Reader (affected versions not specified) Description tar.Reader pode alocar uma quantidade ilimitada de memória ao processar um arquivo maliciosamente criado contendo numerosas regiões esparsas codificadas usando o formato "old GNU sparse map". Isso pode levar ao consumo excessivo de memória e potencialmente causar uma condição de negação de serviço. Recommendations Atualmente, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** PolicyKit versions prior to 0.113 **Description** The issue is related to an integer overflow in the `authentication agent new cookie` function. This allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value. The exploitation of this issue can enable a local attacker to elevate their privileges. **Recommendations** For versions prior to 0.113, update to version 0.113 or later to resolve the issue. As a temporary workaround, consider restricting the ability to create a large number of connections to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DBus-GLib version 0.73 **Description** The issue disregards the access flag of exported GObject properties, allowing local users to bypass intended access restrictions and possibly cause a denial of service by modifying properties. This is demonstrated by properties of services such as DeviceKit-Power, NetworkManager, and ModemManager. **Recommendations** For DBus-GLib version 0.73, consider restricting access to the exported GObject properties to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** dbus-1-glib versions prior to 1.2.6 hal versions prior to 1.2.6 bluez versions prior to 1.2.6 PolicyKit versions prior to 1.2.6 powersave versions prior to 1.2.6 dbus-1-python versions prior to 1.2.6 dbus-1-qt3 versions prior to 1.2.6 dbus-1-mono versions prior to 1.2.6 dbus-1-gtk versions prior to 1.2.6 dbus-1-x11 versions prior to 1.2.6 pommed versions prior to 1.2.6 gpomme versions prior to 1.2.6 wmpomme versions prior to 1.2.6 PackageKit versions prior to 1.2.6 libbluetooth3 versions prior to 1.2.6 **Description** The vulnerability allows local attackers to bypass intended access restrictions by sending or receiving messages. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of the vulnerability can be carried out locally by an attacker who has passed the authentication procedure. **Recommendations** As a temporary workaround, consider disabling the `send type` attribute in the system.conf file of D-Bus until a patch is available. Restrict access to the vulnerable packages to minimize the risk of exploitation. Avoid using the vulnerable packages until the issue is resolved. Update the affected packages to a version later than 1.2.6. At the moment, there is no information about a newer version that contains a fix for this vulnerability.