Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat D-Bus 差一错误漏洞
Vulnerability Description
Red Hat D-BUS(也称DBus)是美国红帽(Red Hat)公司的一个免费的消息总线模块,它提供了简单应用程序互相通讯的途径,是freedesktop.org项目的一部分。 Red Hat D-Bus 1.3.0版本至1.6.22版本和1.8.8之前1.8.x版本中存在差一错误漏洞。当程序运行在64位系统上并且将max_message_unix_fds限制设置成奇数时,远程攻击者可通过发送超出限制的文件描述符利用该漏洞造成拒绝服务(dbus-daemon崩溃)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A