CVE-2014-3636

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
d-bus_projectd-bus
𝑥
≤ 1.6.22
freedesktopdbus
1.8.0
freedesktopdbus
1.8.2
freedesktopdbus
1.8.4
freedesktopdbus
1.8.6
opensuseopensuse
12.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus
bookworm
1.14.10-1~deb12u1
fixed
bullseye
1.12.28-0+deb11u1
fixed
bullseye (security)
1.12.24-0+deb11u1
fixed
sid
1.14.10-6
fixed
squeeze
not-affected
trixie
1.14.10-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus
lucid
not-affected
precise
Fixed 1.4.18-1ubuntu1.6
released
trusty
Fixed 1.6.18-0ubuntu4.2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
dbus-1
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12
1.8.12-6.5
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12
1.8.12-6.5
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
dbus-1-devel
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
dbus-1-x11
suse enterprise desktop 15
1.12.2-1.23
fixed
suse enterprise desktop 15 SP1
1.12.2-6.16
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12
1.8.12-6.5
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.23
fixed
suse enterprise sap 15 SP1
1.12.2-6.16
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12
1.8.12-6.5
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.23
fixed
suse enterprise server 15 SP1
1.12.2-6.16
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
libdbus-1-3
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12
1.8.12-6.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12
1.8.12-6.1
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
libdbus-1-3-32bit
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12
1.8.12-6.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12
1.8.12-6.1
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=82820
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=82820