CVE-2014-3635
Published Sep 22, 2014
Last updated a year ago
Overview
- Description: Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.
- Source: secalert@redhat.com
- NVD status: Modified
Risk scores
CVSS 2.0
- Type: Primary
- Base score: 4.4
- Impact score: 6.4
- Exploitability score: 3.4
- Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov: CWE-119
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFAD9C82-0893-47DE-9BE4-7D97EF6E1441", "versionEndIncluding": "1.6.22" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A772FA8-668B-45AC-9813-0B5ADCE91DD6" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E155EB75-8D98-4469-98CB-81A40ABF0D9C" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D6AF8D8-6A4E-4A42-A738-84690B6F9FDC" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E598FE36-ABEB-4682-950A-E462CC780F82" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE224CED-410C-43D8-9220-0AEF5EB49C8D" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A24ED739-0B39-4A70-B7E0-8A859759233D" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F89DEA95-DFB8-4D75-BE65-A477972D143E" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76BCD0D9-4F06-46E7-8734-AAEE28DD1631" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C22CA4E4-458D-465A-8272-473055A608EB" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8133A184-FC2E-41AC-B2C2-EFD819B011FC" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.6.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D5009D1-BDA4-4DFC-A629-07144BDAEC93" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB63C07-1022-4EEE-B419-4E0A80AE64A5" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68B161B9-7385-4C0B-AC4D-1145E1004B74" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DD6AAFC-C18F-4AF5-B8D1-82F85F8421DC" },
          { "criteria": "cpe:2.3:a:freedesktop:dbus:1.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A214F572-0572-426B-979C-22EB3A43ED6F" }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668" }
        ],
        "operator": "OR"
      }
    ]
  }
]