1.9
CVE-2015-0245
- EPSS 0.27%
- Veröffentlicht 13.02.2015 15:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not validate the source of ActivationFailure signals, which allows local users to cause a denial of service (activation failure error returned) by leveraging a race condition involving sending an ActivationFailure signal before systemd responds.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Freedesktop ≫ Dbus Version1.4.0
Freedesktop ≫ Dbus Version1.4.1
Freedesktop ≫ Dbus Version1.4.4
Freedesktop ≫ Dbus Version1.4.6
Freedesktop ≫ Dbus Version1.4.8
Freedesktop ≫ Dbus Version1.4.10
Freedesktop ≫ Dbus Version1.4.12
Freedesktop ≫ Dbus Version1.4.14
Freedesktop ≫ Dbus Version1.4.16
Freedesktop ≫ Dbus Version1.4.18
Freedesktop ≫ Dbus Version1.4.20
Freedesktop ≫ Dbus Version1.4.24
Freedesktop ≫ Dbus Version1.4.26
Freedesktop ≫ Dbus Version1.5.0
Freedesktop ≫ Dbus Version1.5.2
Freedesktop ≫ Dbus Version1.5.4
Freedesktop ≫ Dbus Version1.5.6
Freedesktop ≫ Dbus Version1.5.8
Freedesktop ≫ Dbus Version1.5.10
Freedesktop ≫ Dbus Version1.5.12
Freedesktop ≫ Dbus Version1.6.0
Freedesktop ≫ Dbus Version1.6.2
Freedesktop ≫ Dbus Version1.6.4
Freedesktop ≫ Dbus Version1.6.6
Freedesktop ≫ Dbus Version1.6.8
Freedesktop ≫ Dbus Version1.6.10
Freedesktop ≫ Dbus Version1.6.12
Freedesktop ≫ Dbus Version1.6.14
Freedesktop ≫ Dbus Version1.6.16
Freedesktop ≫ Dbus Version1.6.18
Freedesktop ≫ Dbus Version1.6.20
Freedesktop ≫ Dbus Version1.6.22
Freedesktop ≫ Dbus Version1.6.24
Freedesktop ≫ Dbus Version1.6.26
Freedesktop ≫ Dbus Version1.6.28
Freedesktop ≫ Dbus Version1.8.0
Freedesktop ≫ Dbus Version1.8.2
Freedesktop ≫ Dbus Version1.8.4
Freedesktop ≫ Dbus Version1.8.6
Freedesktop ≫ Dbus Version1.8.8
Freedesktop ≫ Dbus Version1.8.10
Freedesktop ≫ Dbus Version1.8.12
Freedesktop ≫ Dbus Version1.8.14
Freedesktop ≫ Dbus Version1.9.0
Freedesktop ≫ Dbus Version1.9.2
Freedesktop ≫ Dbus Version1.9.4
Freedesktop ≫ Dbus Version1.9.6
Freedesktop ≫ Dbus Version1.9.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.188 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:P
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:176
http://lists.opensuse.org/opensuse-updates/2015-02/msg00066.html
http://advisories.mageia.org/MGASA-2015-0071.html
http://www.debian.org/security/2015/dsa-3161
http://www.openwall.com/lists/oss-security/2015/02/09/6