[ GLSA 202007-46 ] D-Bus

[GLSA]

Gentoo Linux Security Advisory

Title: D-Bus: Denial of service (GLSA 202007-46)
Severity: normal
Exploitable: local
Date: 2020-07-27
Bug(s): #727104
ID: 202007-46

Synopsis

A local Denial of Service vulnerability was discovered in D-Bus.

Background

D-Bus is a message bus system which processes can use to talk to each
other.


Affected Packages

Package: sys-apps/dbus
Vulnerable: < 1.12.18
Unaffected: >= 1.12.18
Architectures: All supported architectures


Description

D-Bus does not correctly dispose of old connections meaning that it is
possible for D-Bus to hit a connection limit.


Impact

An attacker could cause a possible Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All D-Bus users should upgrade to the latest version: