VulnerableCode Package Details - pkg:deb/ubuntu/dbus@1.12.14-1ubuntu2

Search for packages

Package details: pkg:deb/ubuntu/dbus@1.12.14-1ubuntu2

Essentials
History (0)

purl	pkg:deb/ubuntu/dbus@1.12.14-1ubuntu2

Next non-vulnerable version	1.12.14-1ubuntu2.1
Latest non-vulnerable version	1.12.16-2ubuntu2.1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-36vh-mccp-aaag Aliases: CVE-2020-12049	An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.	1.12.14-1ubuntu2.1 Affected by 0 other vulnerabilities. 1.12.16-2ubuntu2.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-36vh-mccp-aaag
Aliases:
CVE-2020-12049

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

1.12.14-1ubuntu2.1
Affected by 0 other vulnerabilities.

1.12.16-2ubuntu2.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version