Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (fsoaudiod, fsodatad, fsodeviced, fsogsmd, fsonetworkd, fsotdld, fsousaged) git master on 2015-01-19, the upstream framework.git 0.10.1 and git master on 2015-01-19, phonefsod 0.1+git20121018-1 as packaged in Debian, Ubuntu and potentially other packages, and potentially other fso modules do not properly filter D-Bus message paths, which might allow local users to cause a denial of service (dbus-daemon memory consumption), or execute arbitrary code as root by sending a crafted D-Bus message to any D-Bus system service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
freesmartphone.org 权限许可和访问控制漏洞
Vulnerability Description
freesmartphone.org是一套基于Linux嵌入式系统的中间件平台。 freesmartphone.org中存在本地安全绕过漏洞,该漏洞源于程序没有正确的过滤D-Bus消息路径。本地攻击者可通过向D-Bus系统服务发送特制的D-Bus消息利用该漏洞造成拒绝服务(dbus-daemon内存损坏)或以root权限执行代码。
CVSS Information
N/A
Vulnerability Type
N/A