An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Dbus | Freedesktop | * | 1.12.24 (excluding) |
Dbus | Freedesktop | 1.13.0 (including) | 1.14.4 (excluding) |
Dbus | Freedesktop | 1.15.0 (including) | 1.15.2 (excluding) |