CVE-2014-3532
published 2014-07-19CVE-2014-3532: dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus…
low2.1CVSS 3.1
AVLACLAuNCNINAP
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dbus | < dbus 1.8.6-1 (bookworm) | dbus 1.8.6-1 (bookworm) |
| debian | debian_linux | — | — |
| freedesktop | dbus | >= 0 < 1.8.6-1 | 1.8.6-1 |
| freedesktop | dbus | >= 0 < 1.8.6-1 | 1.8.6-1 |
| freedesktop | dbus | >= 0 < 1.8.6-1 | 1.8.6-1 |
| freedesktop | dbus | >= 0 < 1.8.6-1 | 1.8.6-1 |
| freedesktop | dbus | >= 0 < 1.6.18-0ubuntu4.1 | 1.6.18-0ubuntu4.1 |
| freedesktop | dbus | >= 1.3.0 < 1.6.22 | 1.6.22 |
| freedesktop | dbus | >= 1.8.0 < 1.8.6 | 1.8.6 |
| mageia | mageia | — | — |
| mageia | mageia | — | — |
| opensuse | opensuse | — | — |
| oracle | solaris | — | — |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv4.0MEDIUM