14 lines
1.3 KiB
JSON
14 lines
1.3 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-2001",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-2001",
|
|
"title": "An update for dbus is now available for openEuler-22.03-LTS",
|
|
"severity": "Medium",
|
|
"description": "\r\n\r\nSecurity Fix(es):\r\n\r\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.(CVE-2022-42010)\r\n\r\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.(CVE-2022-42011)\r\n\r\nAn issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.(CVE-2022-42012)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-42012",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42012",
|
|
"severity": "Medium"
|
|
}
|
|
]
|
|
} |