dbus variant recursion crash
Bug #688992 reported by
Rémi Denis-Courmont
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
D-Bus |
Fix Released
|
Undecided
|
Unassigned | ||
dbus (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Hardy |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Karmic |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Lucid |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Maverick |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Natty |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: dbus
The bus daemon can be crashed by sending a valid D-Bus message with lots of nested variants.
Further informations are available here: http://
and in the upstream bug.
CVE References
visibility: | private → public |
Changed in dbus (Ubuntu): | |
status: | New → Confirmed |
Changed in dbus (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in dbus (Ubuntu): | |
status: | Confirmed → In Progress |
Changed in dbus: | |
importance: | Unknown → Undecided |
status: | Unknown → New |
status: | New → Fix Released |
Changed in dbus (Ubuntu Lucid): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in dbus (Ubuntu Hardy): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in dbus (Ubuntu Karmic): | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Jamie Strandboge (jdstrand) |
To post a comment you must log in.
From oss-security:
"just FYI, particular bugzilla entry now opened: /bugs.freedeskt op.org/ show_bug. cgi?id= 32321
[1] https:/
Issue fixed in dbus-v1.4.1 release: /bugs.freedeskt op.org/ show_bug. cgi?id= 32321#c12
[2] https:/
And relevant changeset (from c#13): cgit.freedeskto p.org/dbus/ dbus/commit/ ?id=7d65a3a6ed8 815e34a99c680ac 3869fde49dbbd4"
[3] http://