what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2020-12049

Status Candidate

Overview

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Related Files

D-Bus File Descriptor Leak Denial Of Service
Posted Jun 12, 2023
Authored by GitHub Security Lab

Proof of concept exploit for a D-Bus denial of service condition that can be triggered via a file descriptor leak.

tags | exploit, denial of service, proof of concept
advisories | CVE-2020-12049
SHA-256 | 87e71894350d7dbd3c36666fe7e024bd14e19415a79f2aed19e7d9102383633c
Red Hat Security Advisory 2020-3525-01
Posted Aug 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3525-01 - Quay 3.3.1 release has been released. An issue where build triggers can disclose robot account names and existence of private repos within namespaces has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-11080, CVE-2020-12049, CVE-2020-13777, CVE-2020-14313
SHA-256 | 3f0048d4bdec59a51f24f090fac9217f3567fd502a0907966e5df07b310946ee
Red Hat Security Advisory 2020-3184-01
Posted Aug 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3184-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-8558
SHA-256 | fead8c89346a428ada920abf3c99087ef68bbb0117cc307f1e85fd0fb4f13182
Red Hat Security Advisory 2020-3298-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | 0e11f5df8ab413e8b8b66ed5ab45db4d86fd9e72490a32e4442647e1a844cf75
Gentoo Linux Security Advisory 202007-46
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-46 - A local Denial of Service vulnerability was discovered in D-Bus. Versions less than 1.12.18 are affected.

tags | advisory, denial of service, local
systems | linux, gentoo
advisories | CVE-2020-12049
SHA-256 | daf600f806489c8d10cac31ed099acbe6eb95975c3b0511575e2eec8930ae2fb
Red Hat Security Advisory 2020-3087-01
Posted Jul 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3087-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-12049, CVE-2020-14040
SHA-256 | beb36d6fde9d9b16b89f5ae7ac29137d7e53b66ff31cf855503a76f0b99bc58a
Red Hat Security Advisory 2020-3044-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3044-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | 86af9b0d254d89e59c50c512e453a0d5310506958182d78fca104053188d2d90
Red Hat Security Advisory 2020-3014-01
Posted Jul 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3014-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | bfd1d50e88455f8cc817c44e67d5141727d322b4c284854a71f2d22c88fa7005
Red Hat Security Advisory 2020-2894-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2894-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-12049
SHA-256 | b6463ccd794ce9b32a252dcb1b09f85d7119abc22cfe12ac3fd777164dd92b73
Ubuntu Security Notice USN-4398-2
Posted Jun 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-2 - USN-4398-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
SHA-256 | 63c6f4a87d4f41428eea821ca39cea9993402c16533b4d5baa2b66a91fb0e312
Ubuntu Security Notice USN-4398-1
Posted Jun 16, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4398-1 - Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-12049
SHA-256 | 3954c3057f51bdeea1f0a11fe351cf019773eb2a7c3699a49847b7fc87597e44
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close