Create an account

Subscribe to LWN

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

dbus: root code execution

Package(s):

dbus-1

CVE #(s):

CVE-2012-3524

Created:

September 13, 2012

Updated:

April 9, 2013

Description:

From the SUSE advisory:

This update fixes a vulnerability in the DBUS auto-launching feature that allowed local users to execute arbitrary programs as root.

Alerts:

SUSE	SUSE-SU-2012:1155-1	2012-09-12
CentOS	CESA-2012:1261	2012-09-13
Red Hat	RHSA-2012:1261-01	2012-09-13
Oracle	ELSA-2012-1261	2012-09-14
SUSE	SUSE-SU-2012:1155-2	2012-09-14
Scientific Linux	SL-dbus-20120914	2012-09-14
Oracle	ELSA-2012-1284	2012-09-17
Ubuntu	USN-1576-1	2012-09-20
Fedora	FEDORA-2012-14157	2012-09-26
Fedora	FEDORA-2012-14157	2012-09-26
openSUSE	openSUSE-SU-2012:1287-1	2012-10-04
Ubuntu	USN-1576-2	2012-10-04
Mageia	MGASA-2012-0282	2012-10-06
Mageia	MGASA-2012-0293	2012-10-14
openSUSE	openSUSE-SU-2012:1418-1	2012-10-31
Fedora	FEDORA-2012-14126	2012-11-02
Mandriva	MDVSA-2013:070	2013-04-08
Mandriva	MDVSA-2013:083	2013-04-09

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds