Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-3635

Published: 17 September 2014

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.

Notes

AuthorNote
mdeslaur 
only affects >= 1.3.0

Priority

Medium

Status

Package Release Status
dbus
Launchpad, Ubuntu, Debian 		lucid Not vulnerable
(1.2.16-2ubuntu4.7)
precise
Released (1.4.18-1ubuntu1.6)
trusty
Released (1.6.18-0ubuntu4.2)
upstream
Released (1.6.24,1.8.8)
Patches:
upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?id=f70c0e98c5cc6eaae4727d14c389e2504e79e694
upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?id=ee11ec12566afda5dee8a3a834274421a20661de
upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.6&id=b1e9a2b4bd858b37c0bc02aa102b97530083a703
upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.6&id=94b8d5e7a85bfb6c9a92b8e22e382b2e0ded2b59

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading