FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dbus -- local DoS

Affected packages
1.8.0 <= dbus < 1.8.4
dbus < 1.6.20

Details

VuXML ID 52bbc7e8-f13c-11e3-bc09-bcaec565249c
Discovery 2014-06-10
Entry 2014-06-14

Simon MvVittie reports:

Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service flaw in dbus-daemon, part of the reference implementation of D-Bus. Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to communicate.

References

CVE Name CVE-2014-3477
URL http://lists.freedesktop.org/archives/dbus/2014-June/016220.html