CVE-2012-3524

libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable.  NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
freedesktoplibdbus
𝑥
≤ 1.5.12
freedesktoplibdbus
1.5.0
freedesktoplibdbus
1.5.2
freedesktoplibdbus
1.5.4
freedesktoplibdbus
1.5.6
freedesktoplibdbus
1.5.8
freedesktoplibdbus
1.5.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus
bookworm
1.14.10-1~deb12u1
fixed
bullseye
1.12.28-0+deb11u1
fixed
bullseye (security)
1.12.24-0+deb11u1
fixed
sid
1.14.10-6
fixed
squeeze
not-affected
trixie
1.14.10-6
fixed
glib2.0
bookworm
2.74.6-2+deb12u3
fixed
bookworm (security)
2.74.6-2+deb12u2
fixed
bullseye
2.66.8-1+deb11u4
fixed
bullseye (security)
2.66.8-1+deb11u3
fixed
sid
2.82.2-2
fixed
squeeze
not-affected
trixie
2.82.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus
hardy
Fixed 1.1.20-1ubuntu3.7
released
lucid
Fixed 1.2.16-2ubuntu4.5
released
natty
Fixed 1.4.6-1ubuntu6.2
released
oneiric
Fixed 1.4.14-1ubuntu1.1
released
precise
Fixed 1.4.18-1ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
dbus-1
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.76
fixed
dbus-1-devel
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise server 15
1.12.2-1.76
fixed
dbus-1-x11
suse enterprise desktop 15
1.12.2-1.23
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.23
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.23
fixed
glib2-devel
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
glib2-lang
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
glib2-tools
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libdbus-1-3
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
libdbus-1-3-32bit
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
libgio-2_0-0
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgio-2_0-0-32bit
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libglib-2_0-0
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libglib-2_0-0-32bit
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgmodule-2_0-0
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgmodule-2_0-0-32bit
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgobject-2_0-0
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgobject-2_0-0-32bit
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgthread-2_0-0
suse enterprise desktop 15
2.54.3-2.13
fixed
suse enterprise desktop 15 SP1
2.54.3-4.10.1
fixed
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise sap 15
2.54.3-2.13
fixed
suse enterprise sap 15 SP1
2.54.3-4.10.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 15
2.54.3-2.13
fixed
suse enterprise server 15 SP1
2.54.3-4.10.1
fixed
libgthread-2_0-0-32bit
suse enterprise sap 12 SP5
2.48.2-12.15.1
fixed
suse enterprise server 12 SP5
2.48.2-12.15.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
dbus
RHEL 6
1:1.2.24-7.el6_3
fixed
dbus-devel
RHEL 6
1:1.2.24-7.el6_3
fixed
dbus-doc
RHEL 6
1:1.2.24-7.el6_3
fixed
dbus-libs
RHEL 6
1:1.2.24-7.el6_3
fixed
dbus-x11
RHEL 6
1:1.2.24-7.el6_3
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
http://rhn.redhat.com/errata/RHSA-2012-1261.html
http://secunia.com/advisories/50537
http://secunia.com/advisories/50544
http://secunia.com/advisories/50710
http://stealth.openwall.net/null/dzug.c
http://www.exploit-db.com/exploits/21323
http://www.mandriva.com/security/advisories?name=MDVSA-2013:070
http://www.mandriva.com/security/advisories?name=MDVSA-2013:083
http://www.openwall.com/lists/oss-security/2012/07/10/4
http://www.openwall.com/lists/oss-security/2012/07/26/1
http://www.openwall.com/lists/oss-security/2012/09/12/6
http://www.openwall.com/lists/oss-security/2012/09/14/2
http://www.openwall.com/lists/oss-security/2012/09/17/2
http://www.securityfocus.com/bid/55517
http://www.ubuntu.com/usn/USN-1576-1
http://www.ubuntu.com/usn/USN-1576-2
https://bugs.freedesktop.org/show_bug.cgi?id=52202
https://bugzilla.novell.com/show_bug.cgi?id=697105
https://bugzilla.redhat.com/show_bug.cgi?id=847402
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
http://rhn.redhat.com/errata/RHSA-2012-1261.html
http://secunia.com/advisories/50537
http://secunia.com/advisories/50544
http://secunia.com/advisories/50710
http://stealth.openwall.net/null/dzug.c
http://www.exploit-db.com/exploits/21323
http://www.mandriva.com/security/advisories?name=MDVSA-2013:070
http://www.mandriva.com/security/advisories?name=MDVSA-2013:083
http://www.openwall.com/lists/oss-security/2012/07/10/4
http://www.openwall.com/lists/oss-security/2012/07/26/1
http://www.openwall.com/lists/oss-security/2012/09/12/6
http://www.openwall.com/lists/oss-security/2012/09/14/2
http://www.openwall.com/lists/oss-security/2012/09/17/2
http://www.securityfocus.com/bid/55517
http://www.ubuntu.com/usn/USN-1576-1
http://www.ubuntu.com/usn/USN-1576-2
https://bugs.freedesktop.org/show_bug.cgi?id=52202
https://bugzilla.novell.com/show_bug.cgi?id=697105
https://bugzilla.redhat.com/show_bug.cgi?id=847402