D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "dbus" }, { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "dbus-1-dbg" }, { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "dbus-1-doc" }, { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "dbus-x11" }, { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "libdbus-1-3" }, { "binary_version": "1.6.18-0ubuntu4.3", "binary_name": "libdbus-1-dev" } ] }