what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2020-12049

Status Candidate

Overview

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Related Files

D-Bus File Descriptor Leak Denial Of Service
Posted Jun 12, 2023
Authored by GitHub Security Lab

Proof of concept exploit for a D-Bus denial of service condition that can be triggered via a file descriptor leak.

tags | exploit, denial of service, proof of concept
advisories | CVE-2020-12049
SHA-256 | 87e71894350d7dbd3c36666fe7e024bd14e19415a79f2aed19e7d9102383633c
Red Hat Security Advisory 2020-3525-01
Posted Aug 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3525-01 - Quay 3.3.1 release has been released. An issue where build triggers can disclose robot account names and existence of private repos within namespaces has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11080, CVE-2020-12049, CVE-2020-13777, CVE-2020-14313
SHA-256 | 3f0048d4bdec59a51f24f090fac9217f3567fd502a0907966e5df07b310946ee
Red Hat Security Advisory 2020-3184-01
Posted Aug 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3184-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-8558
SHA-256 | fead8c89346a428ada920abf3c99087ef68bbb0117cc307f1e85fd0fb4f13182
Red Hat Security Advisory 2020-3298-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | 0e11f5df8ab413e8b8b66ed5ab45db4d86fd9e72490a32e4442647e1a844cf75
Gentoo Linux Security Advisory 202007-46
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-46 - A local Denial of Service vulnerability was discovered in D-Bus. Versions less than 1.12.18 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
advisories | CVE-2020-12049
SHA-256 | daf600f806489c8d10cac31ed099acbe6eb95975c3b0511575e2eec8930ae2fb
Red Hat Security Advisory 2020-3087-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3087-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-14040
SHA-256 | beb36d6fde9d9b16b89f5ae7ac29137d7e53b66ff31cf855503a76f0b99bc58a
Red Hat Security Advisory 2020-3044-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3044-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | 86af9b0d254d89e59c50c512e453a0d5310506958182d78fca104053188d2d90
Red Hat Security Advisory 2020-3014-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3014-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | bfd1d50e88455f8cc817c44e67d5141727d322b4c284854a71f2d22c88fa7005
Red Hat Security Advisory 2020-2894-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2894-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | b6463ccd794ce9b32a252dcb1b09f85d7119abc22cfe12ac3fd777164dd92b73
Ubuntu Security Notice USN-4398-2
Posted Jun 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-2 - USN-4398-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
SHA-256 | 63c6f4a87d4f41428eea821ca39cea9993402c16533b4d5baa2b66a91fb0e312
Ubuntu Security Notice USN-4398-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-1 - Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
SHA-256 | 3954c3057f51bdeea1f0a11fe351cf019773eb2a7c3699a49847b7fc87597e44
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close