[Debian] Medium CVE: CVE-2022-42010/CVE-2022-42011/CVE-2022-42012: dbus: multiple CVEs

CVE-2022-42010: https://nvd.nist.gov/vuln/detail/CVE-2022-42010

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.

CVE-2022-42011: https://nvd.nist.gov/vuln/detail/CVE-2022-42011

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.

CVE-2022-42012: https://nvd.nist.gov/vuln/detail/CVE-2022-42012

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.

Base Score: Medium

References:

https://www.debian.org/security/2022/dsa-5250

https://security-tracker.debian.org/tracker/CVE-2022-42010

https://security-tracker.debian.org/tracker/CVE-2022-42011

https://security-tracker.debian.org/tracker/CVE-2022-42012

['dbus_1.12.20-2_amd64.deb===>dbus_1.12.24-0+deb11u1_amd64.deb', 'dbus-user-session_1.12.20-2_amd64.deb===>dbus-user-session_1.12.24-0+deb11u1_amd64.deb', 'libdbus-1-3_1.12.20-2_amd64.deb===>libdbus-1-3_1.12.24-0+deb11u1_amd64.deb']