PT-2010-1094 · Gentoo Linux+1 · D-Bus+1

Jan Lieskovsky +1 · Published 2010-12-30 · Updated 2024-06-15 · CVE-2010-4352

CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

D-Bus versions prior to 1.4.12
D-Bus versions prior to 1.4.1

Description

The issue affects the D-Bus package in Gentoo Linux, allowing local exploitation that may lead to breaches in confidentiality, integrity, and availability of protected information. A stack consumption vulnerability exists, enabling local users to cause a denial of service by crashing the daemon with a message containing many nested variants.

Recommendations

For versions prior to 1.4.1, update to version 1.4.1 or later to resolve the stack consumption vulnerability. For versions prior to 1.4.12, update to version 1.4.12 or later to address the multiple vulnerabilities.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2015-09422
CVE-2010-4352
DSA-2149-1
OPENSUSE-SU-2024:10517-1
RHSA-2011:0376
RHSA-2011_0376

Affected Products

D-Bus
Red Hat