
dbus: Denial of Service (CVE-2022-42010, 42011, 42012)

Open CamberLoid opened this issue 3 years ago • 1 comments

CVE IDs

CVE-2022-42010, 42011, 42012

Other security advisory IDs

  • Debian: DSA-5250-1
  • OSS Security mailing list: https://www.openwall.com/lists/oss-security/2022/10/06/1

Description

From the mailing list:

  • An invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element would cause an assertion failure in debug builds or an out-of-bounds read in production builds. This was a regression in version 1.3.0. (dbus#413, CVE-2022-42011, fixed by https://gitlab.freedesktop.org/dbus/dbus/-/commit/079bbf16186e87fb0157adf8951f19864bc2ed69)

  • A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical example. (dbus#418, CVE-2022-42010, fixed by https://gitlab.freedesktop.org/dbus/dbus/-/commit/9d07424e9011e3bbe535e83043d335f3093d2916)

  • A message in non-native endianness with out-of-band Unix file descriptors would cause a use-after-free and possible memory corruption in production builds, or an assertion failure in debug builds. This was a regression in version 1.3.0. (dbus#417, CVE-2022-42012, fixed by https://gitlab.freedesktop.org/dbus/dbus/-/commit/236f16e444e88a984cf12b09225e0f8efa6c5b44)

Patches

N/A

PoC(s)

N/A

CamberLoid avatar Oct 09 '22 12:10 CamberLoid
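The length check that the CVE-2022-42011 item above turns on (an array's byte length must be a whole multiple of its element size), as an added example that is neither the dbus patch nor part of the original issue. The function names are hypothetical, and the sketch assumes a native-byte-order buffer that starts at the beginning of the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ARRAY_BYTES (1u << 26) /* 64 MiB array limit in the D-Bus specification */

/* Size (equal to alignment) of a D-Bus fixed-length type code, 0 if not fixed-length. */
static size_t fixed_size(char type)
{
    switch (type) {
    case 'y': return 1;                               /* BYTE */
    case 'n': case 'q': return 2;                     /* INT16, UINT16 */
    case 'i': case 'u': case 'b': case 'h': return 4; /* INT32, UINT32, BOOLEAN, UNIX_FD */
    case 'x': case 't': case 'd': return 8;           /* INT64, UINT64, DOUBLE */
    default:  return 0;
    }
}

/* Validate an array of fixed-length elements marshalled at buf[pos].
 * Returns 0 and sets *n_elems when well-formed, -1 otherwise (hypothetical helper). */
int check_fixed_array(const uint8_t *buf, size_t buf_len, size_t pos,
                      char elem_type, size_t *n_elems)
{
    size_t esize = fixed_size(elem_type);
    uint32_t len;

    if (esize == 0 || pos % 4 != 0 || pos > buf_len || buf_len - pos < 4)
        return -1;
    memcpy(&len, buf + pos, 4);                 /* UINT32 array length in bytes */
    pos = (pos + 4 + esize - 1) & ~(esize - 1); /* skip padding up to element alignment */
    if (len > MAX_ARRAY_BYTES || pos > buf_len || buf_len - pos < len)
        return -1;
    if (len % esize != 0)                       /* the malformed case in CVE-2022-42011 */
        return -1;
    *n_elems = len / esize;
    return 0;
}

int main(void)
{
    uint8_t msg[16] = {0};          /* constructed sample: array body of zero bytes */
    uint32_t len = 6;               /* 6 bytes is not a multiple of a 4-byte UINT32 */
    size_t n = 0;
    memcpy(msg, &len, 4);
    printf("%d\n", check_fixed_array(msg, sizeof msg, 0, 'u', &n));
    return 0;
}
```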

Current dbus (version 1.12.20/1.12.18(+32)) in the repository is vulnerable. An upgrade to 1.12.24 or a newer version (1.14.4+, 1.15.2+) is recommended.

CamberLoid avatar Oct 09 '22 12:10 CamberLoid

Upgraded to 1.14.4

jiegec avatar Feb 04 '24 13:02 jiegec