CVE-2013-2168
Published: 13 June 2013
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
Priority
Status
Package | Release | Status |
---|---|---|
dbus Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
|
precise |
Released
(1.4.18-1ubuntu1.4)
|
|
quantal |
Released
(1.6.4-1ubuntu4.1)
|
|
raring |
Released
(1.6.8-1ubuntu6.1)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?id=954d75b2b64e4799f360d2a6bf9cff6d9fee37e7 upstream: http://cgit.freedesktop.org/dbus/dbus/commit/?id=2420f7ae8b72405de1a41760b213e2e0849b2b8d |