LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

dbus: denial of service

Package(s):dbus CVE #(s):CVE-2010-4352
Created:December 27, 2010 Updated:May 3, 2011
Description: From the Red Hat bugzilla:

A stack overflow flaw was found in the way the D-BUS message bus service / messaging facility validated messages with excessive number of nested variants. A local, authenticated user could use this flaw to cause dbus daemon to crash (denial of service) via a specially-crafted message sent to the system bus.

Alerts:
Gentoo 201110-14 2011-10-21
CentOS CESA-2011:0376 2011-04-14
Fedora FEDORA-2010-19178 2010-12-22
SUSE SUSE-SR:2011:008 2011-05-03
Red Hat RHSA-2011:0376-01 2011-03-22
openSUSE openSUSE-SU-2011:0401-1 2011-04-28
SUSE SUSE-SR:2011:004 2011-02-22
Pardus 2011-30 2011-02-12
Ubuntu USN-1044-1 2011-01-18
Debian DSA-2149-1 2011-01-20
Fedora FEDORA-2010-19166 2010-12-21
openSUSE openSUSE-SU-2012:1418-1 2012-10-31
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds