DescriptionAn issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database||SUSE|
SUSE Security Advisories:
- openSUSE-SU-2022:10030-1, published Sat Jun 25 23:38:43 2022
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub 15 SP4|| ||Patchnames: |
|openSUSE Leap 15.4|| ||Patchnames: |
SUSE Timeline for this CVECVE page created: Wed Jun 8 12:01:50 2022
CVE page last modified: Wed Oct 26 23:56:06 2022