CVE-2014-3638

EUVD-2014-3596
The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
d-bus_projectd-bus
𝑥
≤ 1.6.22
freedesktopdbus
1.6.0
freedesktopdbus
1.6.2
freedesktopdbus
1.6.4
freedesktopdbus
1.6.6
freedesktopdbus
1.6.8
freedesktopdbus
1.6.10
freedesktopdbus
1.6.12
freedesktopdbus
1.6.14
freedesktopdbus
1.6.16
freedesktopdbus
1.6.18
freedesktopdbus
1.6.20
freedesktopdbus
1.8.0
freedesktopdbus
1.8.2
freedesktopdbus
1.8.4
freedesktopdbus
1.8.6
opensuseopensuse
12.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus
bookworm
1.14.10-1~deb12u1
fixed
bullseye
1.12.28-0+deb11u1
fixed
bullseye (security)
1.12.24-0+deb11u1
fixed
sid
1.14.10-6
fixed
trixie
1.14.10-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus
lucid
Fixed 1.2.16-2ubuntu4.8
released
precise
Fixed 1.4.18-1ubuntu1.6
released
trusty
Fixed 1.6.18-0ubuntu4.2
released
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://secunia.com/advisories/61431
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=81053
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://secunia.com/advisories/61431
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=81053