Vulnerability CVE-2015-0245: Information

Description

D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.

Severity: LOW (1.9)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-0245

Published: Feb. 13, 2015

Modified: Dec. 27, 2023

Error type identifier: CWE-362

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
dbus	sisyphus	1.8.16-alt1	1.14.10-alt1	ALT-PU-2015-1176-1	140528	Fixed
dbus	p10	1.8.16-alt1	1.14.10-alt1	ALT-PU-2015-1176-1	140528	Fixed
dbus	p9	1.8.16-alt1	1.12.16-alt2	ALT-PU-2015-1176-1	140528	Fixed
dbus	c10f1	1.8.16-alt1	1.14.8-alt1	ALT-PU-2015-1176-1	140528	Fixed
dbus	c9f2	1.8.16-alt1	1.12.16-alt2.c9f2.1	ALT-PU-2015-1176-1	140528	Fixed
dbus	c7	1.6.30-alt1.M70C.1	1.6.30-alt1.M70C.2	ALT-PU-2015-2059-1	154197	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
[oss-security] 20150209 CVE-2015-0245: denial of service in dbus >= 1.4 systemd activation
DSA-3161
openSUSE-SU-2015:0300
MDVSA-2015:176
http://advisories.mageia.org/MGASA-2015-0071.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Affected configurations:
1. Configuration 1
  cpe:2.3:a:freedesktop:dbus:1.6.4:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.18:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.0:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.6:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.24:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.0:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.8:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.4:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.10:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.9.0:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.24:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.12:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.20:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.10:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.0:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.12:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.16:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.6:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.8:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.16:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.2:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.26:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.9.6:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.8:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.9.2:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.14:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.14:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.1:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.6:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.22:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.6:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.18:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.0:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.9.8:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.28:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.8:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.12:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.9.4:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.14:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.4:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.20:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.26:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.2:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.10:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.4.4:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.8.10:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.5.12:*:*:*:*:*:*:*
  cpe:2.3:a:freedesktop:dbus:1.6.2:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2015-0245: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2