Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-31212HistoryJul 17, 2022 - 11:15 p.m.
CVE-2022-31212
2022-07-1723:15:08
Debian Security Bug Tracker
security-tracker.debian.org
29
dbus-broker
buffer over-read
vulnerability
c-shquote
dbus service.
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.0%
An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service’s Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dbus-broker | < 30-1 | dbus-broker_30-1_all.deb |
| Debian | 11 | all | dbus-broker | < 26-1+deb11u1 | dbus-broker_26-1+deb11u1_all.deb |
| Debian | 999 | all | dbus-broker | < 30-1 | dbus-broker_30-1_all.deb |
| Debian | 13 | all | dbus-broker | < 30-1 | dbus-broker_30-1_all.deb |
Related
redhatcve
redhatcve
CVE-2022-31212
2022-06-08 16:09:10
cve
cve
CVE-2022-31212
2022-07-17 23:15:08
cvelist
cvelist
CVE-2022-31212
2022-07-17 00:00:00
veracode
veracode
Buffer Overflow
2022-06-24 21:40:35
prion
prion
Stack overflow
2022-07-17 23:15:00
osv
osv
CVE-2022-31212
2022-07-17 23:15:08
Moderate: dbus-broker security update
2022-09-20 00:00:00
Moderate: dbus-broker security update
2022-09-20 11:40:32
ubuntucve
ubuntucve
CVE-2022-31212
2022-07-17 00:00:00
nvd
nvd
CVE-2022-31212
2022-07-17 23:15:08
nessus
nessus
GLSA-202305-04 : dbus-broker: Multiple Vulnerabilities
2023-05-03 00:00:00
CentOS 9 : dbus-broker-28-6.el9
2024-02-29 00:00:00
RHEL 9 : dbus-broker (RHSA-2022:6608)
2022-09-20 00:00:00
gentoo
gentoo
dbus-broker: Multiple Vulnerabilities
2023-05-03 00:00:00
packetstorm
packetstorm
dbus-broker-29 Memory Corruption
2022-06-06 00:00:00
rocky
rocky
dbus-broker security update
2022-09-20 11:40:32
oraclelinux
oraclelinux
dbus-broker security update
2022-09-21 00:00:00
redhat
redhat
(RHSA-2022:6608) Moderate: dbus-broker security update
2022-09-20 11:40:32
almalinux
almalinux
Moderate: dbus-broker security update
2022-09-20 00:00:00
zdt
zdt
dbus-broker-29 Memory Corruption Exploit
2022-06-07 00:00:00
openvas
openvas
openSUSE: Security Advisory for dbus (openSUSE-SU-2022:10030-1)
2024-03-04 00:00:00
suse
suse
Security update for dbus-broker (moderate)
2022-06-25 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0271
2022-10-28 00:00:00
Critical Photon OS Security Update - PHSA-2022-4.0-0271
2022-10-28 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.0%
Related for DEBIANCVE:CVE-2022-31212