CVE-2020-12049 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	No
Type	Denial of service
Description	An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1183	dbus	1.12.16-5	1.12.18-1	Low	Fixed

Date	Advisory	Group	Package	Severity	Type
13 Jun 2020	ASA-202006-9	AVG-1183	dbus	Low	denial of service

References
https://www.openwall.com/lists/oss-security/2020/06/04/3 https://gitlab.freedesktop.org/dbus/dbus/-/issues/294 https://gitlab.freedesktop.org/dbus/dbus/-/commit/872b085f12f56da25a2dbd9bd0b2dff31d5aea63

References

https://www.openwall.com/lists/oss-security/2020/06/04/3
https://gitlab.freedesktop.org/dbus/dbus/-/issues/294
https://gitlab.freedesktop.org/dbus/dbus/-/commit/872b085f12f56da25a2dbd9bd0b2dff31d5aea63