Packages
- dbus - simple interprocess messaging system
Details
Alban Crequy discovered that dbus-daemon incorrectly sent AccessDenied
errors to the service instead of the client when enforcing permissions. A
local user can use this issue to possibly deny access to the service.
(CVE-2014-3477)
Alban Crequy discovered that dbus-daemon incorrectly handled certain file
descriptors. A local attacker could use this issue to cause services or
clients to disconnect, resulting in a denial of service. (CVE-2014-3532,
CVE-2014-3533)
Alban Crequy discovered that dbus-daemon incorrectly sent AccessDenied
errors to the service instead of the client when enforcing permissions. A
local user can use this issue to possibly deny access to the service.
(CVE-2014-3477)
Alban Crequy discovered that dbus-daemon incorrectly handled certain file
descriptors. A local attacker could use this issue to cause services or
clients to disconnect, resulting in a denial of service. (CVE-2014-3532,
CVE-2014-3533)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 14.04 trusty | dbus – 1.6.18-0ubuntu4.1 | ||
| libdbus-1-3 – 1.6.18-0ubuntu4.1 | |||
| 13.10 saucy | dbus – 1.6.12-0ubuntu10.1 | ||
| libdbus-1-3 – 1.6.12-0ubuntu10.1 | |||
| 12.04 precise | dbus – 1.4.18-1ubuntu1.5 | ||
| libdbus-1-3 – 1.4.18-1ubuntu1.5 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.