CVE-2014-3637

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
freedesktopdbus
1.3.0
freedesktopdbus
1.3.1
freedesktopdbus
1.4.0
freedesktopdbus
1.4.1
freedesktopdbus
1.4.4
freedesktopdbus
1.4.6
freedesktopdbus
1.4.8
freedesktopdbus
1.4.10
freedesktopdbus
1.4.12
freedesktopdbus
1.4.14
freedesktopdbus
1.4.16
freedesktopdbus
1.4.18
freedesktopdbus
1.4.20
freedesktopdbus
1.4.22
freedesktopdbus
1.4.24
freedesktopdbus
1.4.26
freedesktopdbus
1.5.0
freedesktopdbus
1.5.2
freedesktopdbus
1.5.4
freedesktopdbus
1.5.6
freedesktopdbus
1.5.8
freedesktopdbus
1.5.10
freedesktopdbus
1.5.12
freedesktopdbus
1.6.0
freedesktopdbus
1.6.2
freedesktopdbus
1.6.4
freedesktopdbus
1.6.6
freedesktopdbus
1.6.8
freedesktopdbus
1.6.10
freedesktopdbus
1.6.12
freedesktopdbus
1.6.14
freedesktopdbus
1.6.16
freedesktopdbus
1.6.18
freedesktopdbus
1.6.20
freedesktopdbus
1.6.22
freedesktopdbus
1.8.0
freedesktopdbus
1.8.2
freedesktopdbus
1.8.4
freedesktopdbus
1.8.6
opensuseopensuse
12.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus
bookworm
1.14.10-1~deb12u1
fixed
bullseye
1.12.28-0+deb11u1
fixed
bullseye (security)
1.12.24-0+deb11u1
fixed
sid
1.14.10-6
fixed
squeeze
not-affected
trixie
1.14.10-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus
lucid
not-affected
precise
Fixed 1.4.18-1ubuntu1.6
released
trusty
Fixed 1.6.18-0ubuntu4.2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
dbus-1
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
dbus-1-devel
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
dbus-1-x11
suse enterprise desktop 15
1.12.2-1.23
fixed
suse enterprise desktop 15 SP1
1.12.2-6.16
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.38
fixed
suse enterprise sap 15
1.12.2-1.23
fixed
suse enterprise sap 15 SP1
1.12.2-6.16
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12 SP5
1.8.22-9.38
fixed
suse enterprise server 15
1.12.2-1.23
fixed
suse enterprise server 15 SP1
1.12.2-6.16
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.5
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
libdbus-1-3
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
libdbus-1-3-32bit
suse enterprise desktop 15
1.12.2-1.76
fixed
suse enterprise desktop 15 SP1
1.12.2-6.21
fixed
suse enterprise desktop 15 SP2
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP3
1.12.2-8.3.1
fixed
suse enterprise desktop 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise desktop 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise desktop 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise desktop 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise sap 12 SP5
1.8.22-9.28
fixed
suse enterprise sap 15
1.12.2-1.76
fixed
suse enterprise sap 15 SP1
1.12.2-6.21
fixed
suse enterprise sap 15 SP2
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP3
1.12.2-8.3.1
fixed
suse enterprise sap 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise sap 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise sap 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise sap 15 SP7
1.12.2-150400.18.8.1
fixed
suse enterprise server 12 SP5
1.8.22-9.28
fixed
suse enterprise server 15
1.12.2-1.76
fixed
suse enterprise server 15 SP1
1.12.2-6.21
fixed
suse enterprise server 15 SP2
1.12.2-8.3.1
fixed
suse enterprise server 15 SP3
1.12.2-8.3.1
fixed
suse enterprise server 15 SP4
1.12.2-150400.16.52
fixed
suse enterprise server 15 SP5
1.12.2-150400.18.5.1
fixed
suse enterprise server 15 SP6
1.12.2-150400.18.8.1
fixed
suse enterprise server 15 SP7
1.12.2-150400.18.8.1
fixed
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.openwall.com/lists/oss-security/2019/06/24/13
http://www.openwall.com/lists/oss-security/2019/06/24/14
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=80559
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.openwall.com/lists/oss-security/2019/06/24/13
http://www.openwall.com/lists/oss-security/2019/06/24/14
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=80559