oss-sec mailing list archives

Re: dbus denial of service: CVE-2022-42010, -42011, -42012


From: Simon McVittie <smcv () debian org>
Date: Thu, 6 Oct 2022 16:40:10 +0100

On Thu, 06 Oct 2022 at 10:53:15 -0400, Demi Marie Obenour wrote:
> Is the memory corruption potentially exploitable for local privilege
> escalation?

It is not known to be, but also not known not to be. I'm sure a
sufficiently creative attacker can convert almost any memory corruption
into arbitrary code execution, but exploit development is not my job
(I'd rather fix the vulnerabilities!), so I have not attempted to
weaponize this.

> Are clients using libdbus vulnerable if they are behind dbus-broker?

I don't maintain dbus-broker and have not tested or audited it, so
I don't know how much validation it does. I would hope that it would
detect and prevent CVE-2022-42011 and CVE-2022-42010 (which involve
invalid messages), but probably not CVE-2022-42012 (which involves a
message that is odd but technically valid).

    smcv

