#VU67527 Out-of-bounds read in Linux D-Bus Message Broker
Vulnerability identifier: #VU67527
Vulnerability risk: Low
CVSSv3.1: 3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-125
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Linux D-Bus Message Broker
Universal components / Libraries /
Libraries used by multiple products
Vendor: bus1
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when parsing DBus service Exec line in c-uitl/c-shquote. A local user can pass specially crafted input to the service, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Linux D-Bus Message Broker: 1 - 30
External links
http://sec-consult.com/vulnerability-lab/advisory/memory-corruption-vulnerabilities-dbus-broker/
http://github.com/bus1/dbus-broker/compare/v30...v31
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
