CVE-2014-3639

The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
opensuseopensuse
12.3
d-bus_projectd-bus
𝑥
≤ 1.6.22
freedesktopdbus
1.6.0
freedesktopdbus
1.6.2
freedesktopdbus
1.6.4
freedesktopdbus
1.6.6
freedesktopdbus
1.6.8
freedesktopdbus
1.6.10
freedesktopdbus
1.6.12
freedesktopdbus
1.6.14
freedesktopdbus
1.6.16
freedesktopdbus
1.6.18
freedesktopdbus
1.6.20
freedesktopdbus
1.8.0
freedesktopdbus
1.8.2
freedesktopdbus
1.8.4
freedesktopdbus
1.8.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dbus
bullseye
1.12.28-0+deb11u1
fixed
bullseye (security)
1.12.24-0+deb11u1
fixed
bookworm
1.14.10-1~deb12u1
fixed
sid
1.14.10-6
fixed
trixie
1.14.10-6
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dbus
trusty
Fixed 1.6.18-0ubuntu4.2
released
precise
Fixed 1.4.18-1ubuntu1.6
released
lucid
Fixed 1.2.16-2ubuntu4.8
released
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://secunia.com/advisories/61431
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=80919
http://advisories.mageia.org/MGASA-2014-0395.html
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html
http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html
http://secunia.com/advisories/61378
http://secunia.com/advisories/61431
http://www.debian.org/security/2014/dsa-3026
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://www.openwall.com/lists/oss-security/2014/09/16/9
http://www.securitytracker.com/id/1030864
http://www.ubuntu.com/usn/USN-2352-1
https://bugs.freedesktop.org/show_bug.cgi?id=80919