Home

CVE-2020-12049

Description

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system services private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.093

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 10.5Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.6Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
simple interprocess messaging system (USN-4398-1) dbus_1.10.6-1ubuntu3.6_i386.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.10.6-1ubuntu3.6_amd64.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.2-1ubuntu1.2_i386.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.2-1ubuntu1.2_amd64.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.14-1ubuntu2.1_i386.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.14-1ubuntu2.1_amd64.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.16-2ubuntu2.1_i386.debLinux
simple interprocess messaging system (USN-4398-1) dbus_1.12.16-2ubuntu2.1_amd64.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.10.6-1ubuntu3.6_i386.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.10.6-1ubuntu3.6_amd64.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.2-1ubuntu1.2_i386.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.2-1ubuntu1.2_amd64.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.14-1ubuntu2.1_i386.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.14-1ubuntu2.1_amd64.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.16-2ubuntu2.1_i386.debLinux
simple interprocess messaging system (USN-4398-1) libdbus-1-3_1.12.16-2ubuntu2.1_amd64.debLinux
(RHSA-2020:2894) dbus security update dbus-1.10.24-14.el7_8.x86_64.rpmLinux
(RHSA-2020:2894) dbus security update dbus-devel-1.10.24-14.el7_8.i686.rpmLinux
(RHSA-2020:2894) dbus security update dbus-devel-1.10.24-14.el7_8.x86_64.rpmLinux
(RHSA-2020:2894) dbus security update dbus-doc-1.10.24-14.el7_8.noarch.rpmLinux
(RHSA-2020:2894) dbus security update dbus-libs-1.10.24-14.el7_8.i686.rpmLinux
(RHSA-2020:2894) dbus security update dbus-libs-1.10.24-14.el7_8.x86_64.rpmLinux
(RHSA-2020:2894) dbus security update dbus-tests-1.10.24-14.el7_8.x86_64.rpmLinux
(RHSA-2020:2894) dbus security update dbus-x11-1.10.24-14.el7_8.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-common-1.12.8-10.el8_2.noarch.rpmLinux
(RHSA-2020:3014) dbus security update dbus-daemon-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-debugsource-1.12.8-10.el8_2.i686.rpmLinux
(RHSA-2020:3014) dbus security update dbus-debugsource-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-devel-1.12.8-10.el8_2.i686.rpmLinux
(RHSA-2020:3014) dbus security update dbus-devel-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-libs-1.12.8-10.el8_2.i686.rpmLinux
(RHSA-2020:3014) dbus security update dbus-libs-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-tools-1.12.8-10.el8_2.x86_64.rpmLinux
(RHSA-2020:3014) dbus security update dbus-x11-1.12.8-10.el8_2.x86_64.rpmLinux
Dbus update (ELSA-2020-3014) dbus-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-daemon update (ELSA-2020-3014) dbus-daemon-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-devel update (ELSA-2020-3014) dbus-devel-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-libs update (ELSA-2020-3014) dbus-libs-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-tools update (ELSA-2020-3014) dbus-tools-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-x11 update (ELSA-2020-3014) dbus-x11-1.12.8-10.0.1.el8_2.x86_64.rpmLinux
Dbus-common update (ELSA-2020-3014) dbus-common-1.12.8-10.0.1.el8_2.noarch.rpmLinux
Dbus-devel update (ELSA-2020-3014) dbus-devel-1.12.8-10.0.1.el8_2.i686.rpmLinux
Dbus-libs update (ELSA-2020-3014) dbus-libs-1.12.8-10.0.1.el8_2.i686.rpmLinux
(CESA-2020:3014) dbus security update dbus-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:3014) dbus security update dbus-common-1.12.8-10.el8_2.noarch.rpmLinux
(CESA-2020:3014) dbus security update dbus-daemon-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:3014) dbus security update dbus-devel-1.12.8-10.el8_2.i686.rpmLinux
(CESA-2020:3014) dbus security update dbus-devel-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:3014) dbus security update dbus-libs-1.12.8-10.el8_2.i686.rpmLinux
(CESA-2020:3014) dbus security update dbus-libs-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:3014) dbus security update dbus-tools-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:3014) dbus security update dbus-x11-1.12.8-10.el8_2.x86_64.rpmLinux
(CESA-2020:2894) dbus security update dbus-1.10.24-14.el7_8.x86_64.rpmLinux
(CESA-2020:2894) dbus security update dbus-devel-1.10.24-14.el7_8.i686.rpmLinux
(CESA-2020:2894) dbus security update dbus-devel-1.10.24-14.el7_8.x86_64.rpmLinux
(CESA-2020:2894) dbus security update dbus-doc-1.10.24-14.el7_8.noarch.rpmLinux
(CESA-2020:2894) dbus security update dbus-libs-1.10.24-14.el7_8.i686.rpmLinux
(CESA-2020:2894) dbus security update dbus-libs-1.10.24-14.el7_8.x86_64.rpmLinux
(CESA-2020:2894) dbus security update dbus-tests-1.10.24-14.el7_8.x86_64.rpmLinux
(CESA-2020:2894) dbus security update dbus-x11-1.10.24-14.el7_8.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-debuginfo-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-debugsource-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-x11-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-x11-debuginfo-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) dbus-1-x11-debugsource-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) libdbus-1-3-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) libdbus-1-3-32bit-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) libdbus-1-3-debuginfo-1.8.22-35.2.x86_64.rpmLinux
SUSE-SU-2021:2424-1(SUSE Linux Enterprise Server 12-SP5 ) libdbus-1-3-debuginfo-32bit-1.8.22-35.2.x86_64.rpmLinux
simple interprocess messaging system (USN-4398-2) libdbus-1-3_1.4.18-1ubuntu1.10_i386.debLinux
simple interprocess messaging system (USN-4398-2) libdbus-1-3_1.4.18-1ubuntu1.10_amd64.debLinux
Improper Resource Shutdown or Release Vulnerability (CVE-2020-12049)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234