QID 354898
Date Published: 2023-04-24
QID 354898: Amazon Linux Security Advisory for dbus : ALAS-2023-1730
An issue was discovered in d-bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2.
An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (
( CVE-2022-42010) an issue was discovered in d-bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2.
An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type. (
( CVE-2022-42011) an issue was discovered in d-bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2.
An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (
( CVE-2022-42012)
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.
- ALAS-2023-1730 -
alas.aws.amazon.com/ALAS-2023-1730.html
CVEs related to QID 354898
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS-2023-1730 | amazon linux |
alas.aws.amazon.com/ALAS-2023-1730.html |