CVE-2014-3638
Published: 17 September 2014
The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.
Priority
Status
Package | Release | Status |
---|---|---|
dbus Launchpad, Ubuntu, Debian |
lucid |
Released
(1.2.16-2ubuntu4.8)
|
precise |
Released
(1.4.18-1ubuntu1.6)
|
|
trusty |
Released
(1.6.18-0ubuntu4.2)
|
|
upstream |
Released
(1.6.24,1.8.8)
|
|
Patches: upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?id=5bc7f9519ebc6117ba300c704794b36b87c2194b upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.6&id=6060aaa0ea1e9bbe1dd7a1864c8df52e333a45ee |