Buffer overflow in dbus (Alpine package)

1) Buffer overflow

EUVDB-ID: #VU32482

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2014-3635

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to read and manipulate data.

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.

Mitigation

Install update from vendor's website.

Vulnerable software versions

dbus (Alpine package): 1.6.8-r0 - 1.6.22-r0

CPE2.3

• cpe:2.3:a:alpine:dbus_alpine_package:1.6.8-r0:*:*:*:*:alpine_linux:*:2.4
• cpe:2.3:a:alpine:dbus_alpine_package:1.6.10-r0:*:*:*:*:alpine_linux:*:2.6
• cpe:2.3:a:alpine:dbus_alpine_package:1.6.12-r0:*:*:*:*:alpine_linux:*:2.6

External links

https://git.alpinelinux.org/aports/commit/?id=256f4e7e9f920e61c9a0f213d108851dd6eee97c
https://git.alpinelinux.org/aports/commit/?id=d02e78275a3bb690d9d8099bf31ff92e3a9e68fe
https://git.alpinelinux.org/aports/commit/?id=805a5164875cd3f789db8929be1b6c9380f98d98
https://git.alpinelinux.org/aports/commit/?id=c3b756f3144debef12e39f410d862ad4a3a4f3d1

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.