CVE-2014-3532

Published Jul 19, 2014

Last updated 3 months ago

CVSS info 2.1

Overview

Description: dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "014545A6-0813-49A4-B85B-1A17B9375102",
            "versionEndExcluding": "1.6.22",
            "versionStartIncluding": "1.3.0"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43371D3E-BE49-4449-B10A-C9AEE9007B8A",
            "versionEndExcluding": "1.8.6",
            "versionStartIncluding": "1.8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "104AEA5F-7AE2-41AA-BEF1-F71BB6D45788",
            "versionStartIncluding": "2.6.38"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79F8D440-02E8-4BF7-8F56-31E4F349166B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F157225D-C62C-465D-A758-DE6A6C48C397"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "77BB49A9-39D0-49C4-A241-D1537590F508"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc6:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1BE3273F-0DB1-4607-B92B-C0A7BC099C91"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc7:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9BAF52C2-38F2-45C0-B6E7-7096B8A4FEEC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc8:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "13205DB7-6988-4D68-A944-B1EA3C145B9E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E"
          },
          {
            "criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References