Upstream information

CVE-2013-2168 at MITRE

Description

The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 1.85
Vector AV:L/AC:M/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 824607 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • dbus-1 >= 1.8.8-1.5
  • dbus-1-x11 >= 1.8.8-1.5
  • libdbus-1-3 >= 1.8.8-1.12
  • libdbus-1-3-32bit >= 1.8.8-1.12
Patchnames:
SUSE Linux Enterprise Desktop 12 GA dbus-1
SUSE Linux Enterprise Desktop 12 SP1
  • dbus-1 >= 1.8.16-14.1
  • dbus-1-x11 >= 1.8.16-14.1
  • libdbus-1-3 >= 1.8.16-14.1
  • libdbus-1-3-32bit >= 1.8.16-14.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA dbus-1
SUSE Linux Enterprise Desktop 12 SP2
  • dbus-1 >= 1.8.16-19.1
  • dbus-1-x11 >= 1.8.16-19.1
  • libdbus-1-3 >= 1.8.16-19.1
  • libdbus-1-3-32bit >= 1.8.16-19.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA dbus-1
SUSE Linux Enterprise Server 12
  • dbus-1 >= 1.8.8-1.5
  • dbus-1-x11 >= 1.8.8-1.5
  • libdbus-1-3 >= 1.8.8-1.5
  • libdbus-1-3-32bit >= 1.8.8-1.12
Patchnames:
SUSE Linux Enterprise Server 12 GA dbus-1
SUSE Linux Enterprise Server 12 SP1
  • dbus-1 >= 1.8.16-14.1
  • dbus-1-x11 >= 1.8.16-14.1
  • libdbus-1-3 >= 1.8.16-14.1
  • libdbus-1-3-32bit >= 1.8.16-14.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA dbus-1
SUSE Linux Enterprise Server 12 SP2
  • dbus-1 >= 1.8.16-19.1
  • dbus-1-x11 >= 1.8.16-19.1
  • libdbus-1-3 >= 1.8.16-19.1
  • libdbus-1-3-32bit >= 1.8.16-19.1
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA dbus-1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • dbus-1 >= 1.8.16-19.1
  • dbus-1-x11 >= 1.8.16-19.1
  • libdbus-1-3 >= 1.8.16-19.1
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA dbus-1
SUSE Linux Enterprise Software Development Kit 12
  • dbus-1-devel >= 1.8.8-1.12
  • dbus-1-devel-doc >= 1.8.8-1.5
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA dbus-1-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • dbus-1-devel >= 1.8.16-14.1
  • dbus-1-devel-doc >= 1.8.16-14.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA dbus-1-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • dbus-1-devel >= 1.8.16-19.1
  • dbus-1-devel-doc >= 1.8.16-19.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA dbus-1-devel
openSUSE 12.3
  • dbus-1 >= 1.6.8-2.6.1
  • dbus-1-32bit >= 1.6.8-2.6.1
  • dbus-1-debuginfo >= 1.6.8-2.6.1
  • dbus-1-debuginfo-32bit >= 1.6.8-2.6.1
  • dbus-1-debugsource >= 1.6.8-2.6.1
  • dbus-1-devel >= 1.6.8-2.6.1
  • dbus-1-devel-32bit >= 1.6.8-2.6.1
  • dbus-1-devel-doc >= 1.6.8-2.6.1
  • dbus-1-x11 >= 1.6.8-2.6.1
  • dbus-1-x11-debuginfo >= 1.6.8-2.6.1
  • dbus-1-x11-debugsource >= 1.6.8-2.6.1
  • libdbus-1-3 >= 1.6.8-2.6.1
  • libdbus-1-3-32bit >= 1.6.8-2.6.1
  • libdbus-1-3-debuginfo >= 1.6.8-2.6.1
  • libdbus-1-3-debuginfo-32bit >= 1.6.8-2.6.1
Patchnames:
openSUSE-2013-545
openSUSE 13.2
  • dbus-1 >= 1.8.8-1.3
  • dbus-1-devel >= 1.8.8-1.1
  • dbus-1-x11 >= 1.8.8-1.3
  • libdbus-1-3 >= 1.8.8-1.1
  • libdbus-1-3-32bit >= 1.8.8-1.1
Patchnames:
openSUSE 13.2 GA dbus-1
openSUSE Leap 42.1
  • dbus-1 >= 1.8.16-5.9
  • dbus-1-devel >= 1.8.16-5.2
  • dbus-1-x11 >= 1.8.16-5.9
  • libdbus-1-3 >= 1.8.16-5.2
  • libdbus-1-3-32bit >= 1.8.16-5.2
Patchnames:
openSUSE Leap 42.1 GA dbus-1
openSUSE Leap 42.2
  • dbus-1 >= 1.8.22-1.1
  • dbus-1-devel >= 1.8.22-1.1
  • dbus-1-x11 >= 1.8.22-1.1
  • libdbus-1-3 >= 1.8.22-1.1
  • libdbus-1-3-32bit >= 1.8.22-1.1
Patchnames:
openSUSE Leap 42.2 GA dbus-1
openSUSE Tumbleweed
  • dbus-1 >= 1.10.12-2.1
  • dbus-1-devel >= 1.10.12-2.1
  • dbus-1-devel-32bit >= 1.10.12-2.1
  • dbus-1-devel-doc >= 1.10.12-2.1
  • dbus-1-x11 >= 1.10.12-2.1
  • libdbus-1-3 >= 1.10.12-2.1
  • libdbus-1-3-32bit >= 1.10.12-2.1
Patchnames:
openSUSE Tumbleweed GA dbus-1