Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-3533

dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.

Related bugs and status

CVE-2014-3533 (Candidate) is related to these bugs:

Bug #1320422: Please merge dbus 1.8.6-1 (main) from Debian testing (main)

Summary				In	Importance	Status
	1320422	Please merge dbus 1.8.6-1 (main) from Debian testing (main)		dbus (Ubuntu)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2014070...
CONFIRM: https://bugs.freedeskt...
CONFIRM: https://bugs.freedeskt...
DEBIAN: DSA-2971
SECUNIA: 59611
SECUNIA: 59798
SECUNIA: 60236
SUSE: openSUSE-SU-2014:1239
CONFIRM: http://advisories.mage...
MANDRIVA: MDVSA-2015:176
CONFIRM: http://www.oracle.com/...