{ "id": "CVE-2015-0245", "sourceIdentifier": "secalert@redhat.com", "published": "2015-02-13T15:59:08.337", "lastModified": "2018-10-30T16:27:35.843", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds." }, { "lang": "es", "value": "D-Bus 1.4.x hasta 1.6.x anterior a 1.6.30, 1.8.x anterior a 1.8.16, y 1.9.x anterior a 1.9.10 no valida la fuente de los se\u00f1ales ActivationFailure, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (retorno del error del fallo de activaci\u00f3n) mediante el aprovechamiento de una condici\u00f3n de carrera que involucra el env\u00edo de un se\u00f1al ActivationFailure antes de que systemd responda." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.9 }, "baseSeverity": "LOW", "exploitabilityScore": 3.4, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-362" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B8ED6AB-77DC-4DF5-8F28-6080AD6276C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CF02620-0B36-46F1-A451-EB4D62528FA4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F9EBC47A-EF8A-4530-825C-D3A4EF41D499" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "5591F2AD-5A1E-4D85-B020-366FF9A14343" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "C3FACBCB-5559-4669-8904-3DDC8D3CE7AE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "4F681C22-2CB5-4158-A2DB-ACFA5991C489" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "968453D0-C3FD-4933-9DAC-C1B0FA5FCE88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "9F5A9259-A253-4570-BAFF-88E25811CA3D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "B5416A2A-9560-4213-BBA6-4EF3CBC94062" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "4DC42D88-B3A0-4A1A-8D51-C7DC48EC519E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "12891B02-8C2C-4C8C-AE8C-2A07F8439A4B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "8AD04CC4-1C7D-4F9E-A135-AC4F3AEA8659" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "4378D207-FCDC-44F3-8119-F7538C9F6557" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE0A3BBA-6813-403E-AE1A-D518A6E8AD3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF81A16D-5E9D-4CB6-B0EF-A952460755C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B75DB9A6-CF90-44AE-A463-13A8284EF89F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "15B47AA0-D089-4D74-B5B9-6F41BCEBD59A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B3F0B45-C507-476D-A1DF-9C35A679A93A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "5695DC35-9516-4F22-A3B1-397593AC387F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "52FA8F53-446C-4731-B2F2-876F30A44455" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "0629659A-0F73-44C2-B08D-FE7B24BB0275" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1474110D-30DE-42EF-B297-4AA40FA6FEE0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8D722644-56E1-45D0-A6B8-0E2EC500FBDD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "F81DA298-023B-4717-AD9E-4F16267EBBEE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "58DF0919-8B37-42B8-A376-5762DDD5DAFB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "2246B6B5-5884-4309-8AB2-971FEA908ABE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "4CC5055F-C02B-4809-9051-ECE5120D9468" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.14:*:*:*:*:*:*:*", "matchCriteriaId": "EF92A2B1-D8F1-44B9-9522-709A98193AC8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "7BF5E844-2D52-4D21-B6AA-4BD2D0E09C2A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "C4FAC794-A22B-4185-9EA2-D5D68B5B2E20" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "61D66D4A-5CD6-4BBF-AED4-A4BC48630798" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.22:*:*:*:*:*:*:*", "matchCriteriaId": "7D6BF83E-001A-41AC-BB3B-B08D0045F935" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.24:*:*:*:*:*:*:*", "matchCriteriaId": "2EE68F61-1EC0-49A2-91D1-0A7CB898B139" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.26:*:*:*:*:*:*:*", "matchCriteriaId": "5DE4F5DB-9E73-470D-AC26-2AC14645AAE8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.6.28:*:*:*:*:*:*:*", "matchCriteriaId": "9821EB34-BAF5-4365-9C5B-232E3C6149FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "AB389DE5-17B4-4C6F-895C-D85FC821A5F2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF4BEAB4-A3E3-4ACB-8BCE-23E269B4E4E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "D6BF4C2F-6DC3-4FFF-B870-F9B62A9639D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "A0293B4E-AAA4-47C1-9B11-59F9800700CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D7C28BD1-FB53-4CAA-B71B-E40EC07FBB81" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.10:*:*:*:*:*:*:*", "matchCriteriaId": "BD6DF8CD-AB33-4A88-B2D3-D8A73763356C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.12:*:*:*:*:*:*:*", "matchCriteriaId": "05CD1349-F680-4124-950B-A19DA69FD225" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.8.14:*:*:*:*:*:*:*", "matchCriteriaId": "2FC2CE34-D4FD-41C2-868E-8F605463D4B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D8C0CC4-9B87-460B-BF12-4B15CCB18BAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "73A9A704-FF6C-4C0D-8FB5-DAC6390F085A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "9953D8DF-A5AB-4A66-977C-F6C0A080D385" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "FC7879B3-7C2B-41FA-870E-B998347704DA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:d-bus_project:d-bus:1.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "48547105-EC91-48B4-AF45-01B451B61DCD" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081" } ] } ] } ], "references": [ { "url": "http://advisories.mageia.org/MGASA-2015-0071.html", "source": "secalert@redhat.com" }, { "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00066.html", "source": "secalert@redhat.com" }, { "url": "http://www.debian.org/security/2015/dsa-3161", "source": "secalert@redhat.com" }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176", "source": "secalert@redhat.com" }, { "url": "http://www.openwall.com/lists/oss-security/2015/02/09/6", "source": "secalert@redhat.com" }, { "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "source": "secalert@redhat.com" } ] }