PT-2023-8954 · D-Bus+9

Published 2023-06-06 · Updated 2025-01-28 · CVE-2023-34969

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

D-Bus versions prior to 1.12.28
D-Bus versions prior to 1.14.8
D-Bus versions prior to 1.15.6

Description

The issue allows unprivileged users to crash dbus-daemon under certain circumstances. This can be achieved by sending an unreplyable message when a privileged user is monitoring message bus traffic using the org.freedesktop.DBus.Monitoring interface. If done on the well-known system bus, it results in a denial-of-service.

Recommendations

For versions prior to 1.12.28, update to version 1.12.28 or later.
For versions prior to 1.14.8, update to version 1.14.8 or later.
For versions prior to 1.15.6, update to version 1.15.6 or later.
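
The three branch-specific fixed versions above can be checked mechanically. The following is an added example, not part of the original advisory or of the D-Bus project: it compares an upstream version string (for instance the first line printed by `dbus-daemon --version`) against the fixed release for its branch. It assumes that branches without their own entry are measured against the next listed branch; distribution packages may carry the fix under an older upstream version number, so the vendor advisories under Related Identifiers remain authoritative for packaged builds.

```python
import re

# Fixed releases per branch, taken from the advisory text above.
FIXED = [(1, 12, 28), (1, 14, 8), (1, 15, 6)]

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract the first x.y.z version from a string such as the first
    line printed by `dbus-daemon --version`."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def required_fix(version):
    """Return the fixed release that applies to this version's branch,
    or None when the version is newer than every listed branch.
    Assumption: a branch without its own entry (1.10.x, 1.13.x) is
    measured against the next listed branch above it."""
    for fix in FIXED:
        if version[:2] <= fix[:2]:
            return fix
    return None


def is_affected(text):
    """True when the upstream version in `text` predates its fix."""
    version = parse_version(text)
    fix = required_fix(version)
    return fix is not None and version < fix


def report(text):
    """One-line verdict naming the minimum fixed release to install."""
    version = parse_version(text)
    fix = required_fix(version)
    shown = ".".join(map(str, version))
    if fix is None or version >= fix:
        return f"{shown}: not affected by upstream version"
    return f"{shown}: affected, update to {'.'.join(map(str, fix))} or later"


if __name__ == "__main__":
    # Constructed sample inputs, not captured from a real host.
    for line in ("D-Bus Message Bus Daemon 1.12.20",
                 "D-Bus Message Bus Daemon 1.14.8",
                 "D-Bus Message Bus Daemon 1.15.4"):
        print(report(line))
```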

Exploit

Fix

DoS

Assertion Failure

Improper Resource Release

Weakness Enumeration

Related Identifiers

ALSA-2023:4498
ALSA-2023:4569
ALT-PU-2023-4115
ALT-PU-2023-4139
ALT-PU-2024-3680
AZL-27178
BDU:2024-02756
CESA-2023_4498
CVE-2023-34969
DLA-3628-1
OESA-2023-1375
OPENSUSE-SU-2023_2877-1
OPENSUSE-SU-2024:12996-1
RHSA-2023:4498
RHSA-2023:4569
RHSA-2023:5193
RHSA-2023_4498
RHSA-2023_4569
RLSA-2023:4498
RLSA-2023:4569
ROSA-SA-2025-2603
SUSE-SU-2023:2876-1
SUSE-SU-2023:2877-1
SUSE-SU-2023:2879-1
SUSE-SU-2023_2876-1
SUSE-SU-2023_2877-1
SUSE-SU-2023_2879-1
USN-6372-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
D-Bus
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu