| Name | TEMP-0000000-4DA0A8 |
| Description | dbus format string vulnerability |
| Source | Automatically generated temporary name. Not for external reference. |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| dbus (PTS) | jessie, jessie (lts) | 1.8.22-0+deb8u5 | fixed |
| stretch (security) | 1.10.28-0+deb9u1 | fixed |
| stretch (lts), stretch | 1.10.32-0+deb9u3 | fixed |
| buster | 1.12.20-0+deb10u1 | fixed |
| buster (security) | 1.12.28-0+deb10u1 | fixed |
| bullseye | 1.12.28-0+deb11u1 | fixed |
| bullseye (security) | 1.12.24-0+deb11u1 | fixed |
| bookworm | 1.14.10-1~deb12u1 | fixed |
| sid, trixie | 1.14.10-4 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| dbus | source | jessie | 1.8.22-0+deb8u1 | | | |
| dbus | source | (unstable) | 1.10.12-1 | | | |
Notes
[wheezy] - dbus <no-dsa> (Minor issue)
https://bugs.freedesktop.org/show_bug.cgi?id=98157
Versions affected: dbus >= 1.4.0
Fixed in: dbus >= 1.11.6, 1.10.x >= 1.10.12, 1.8.x >= 1.8.22
CVE Request: https://www.openwall.com/lists/oss-security/2016/10/10/9
In Debian CVE-2015-0245 was already fixed, and this issue is
not believed to be exploitable in practice, because the relevant
message is ignored unless it comes from the owner of the bus name
org.freedesktop.systemd1. On the system bus, this bus name is only
allowed to be owned by uid 0; it is intended to be owned by systemd,
and no mechanism is currently known by which an attacker who does not
already have root privileges could induce systemd to send messages
that would trigger the format string vulnerability.