Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2022-0365)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2022.0365

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2022-0365)

Resumen: The remote host is missing an update for the 'dbus' package(s) announced via the MGASA-2022-0365 advisory.

Descripción: Summary:
The remote host is missing an update for the 'dbus' package(s) announced via the MGASA-2022-0365 advisory.

Vulnerability Insight:
A syntactically invalid type signature with incorrectly nested parentheses
and curly brackets would cause an assertion failure in debug builds.
Similar messages could potentially result in a crash or incorrect message
processing in a production build, although we are not aware of a practical
example. (CVE-2022-42010)

An invalid array of fixed-length elements where the length of the array is
not a multiple of the length of the element would cause an assertion
failure in debug builds or an out-of-bounds read in production builds.
(CVE-2022-42011)

A message in non-native endianness with out-of-band Unix file descriptors
would cause a use-after-free and possible memory corruption in production
builds, or an assertion failure in debug builds. (CVE-2022-42012)

Affected Software/OS:
'dbus' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-42010
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/
https://security.gentoo.org/glsa/202305-08
https://gitlab.freedesktop.org/dbus/dbus/-/issues/418
Common Vulnerability Exposure (CVE) ID: CVE-2022-42011
https://gitlab.freedesktop.org/dbus/dbus/-/issues/413
Common Vulnerability Exposure (CVE) ID: CVE-2022-42012
https://gitlab.freedesktop.org/dbus/dbus/-/issues/417

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0365
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0365)
Resumen:	The remote host is missing an update for the 'dbus' package(s) announced via the MGASA-2022-0365 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dbus' package(s) announced via the MGASA-2022-0365 advisory. Vulnerability Insight: A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical example. (CVE-2022-42010) An invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element would cause an assertion failure in debug builds or an out-of-bounds read in production builds. (CVE-2022-42011) A message in non-native endianness with out-of-band Unix file descriptors would cause a use-after-free and possible memory corruption in production builds, or an assertion failure in debug builds. (CVE-2022-42012) Affected Software/OS: 'dbus' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-42010 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG/ https://security.gentoo.org/glsa/202305-08 https://gitlab.freedesktop.org/dbus/dbus/-/issues/418 Common Vulnerability Exposure (CVE) ID: CVE-2022-42011 https://gitlab.freedesktop.org/dbus/dbus/-/issues/413 Common Vulnerability Exposure (CVE) ID: CVE-2022-42012 https://gitlab.freedesktop.org/dbus/dbus/-/issues/417
Copyright	Copyright (C) 2022 Greenbone AG