CVE-2022-31212

Published: 17/07/2022 Updated: 03/05/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

An issue exists in dbus-broker prior to 31. It depends on c-util/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.

Vulnerable Product

dbus-broker project dbus-broker

Vendor Advisories

Synopsis: Moderate: dbus-broker security update. Type/Severity: Security Advisory: Moderate. Topic: An update for dbus-broker is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as hav ...
Debian Bug report logs - #1013343 dbus-broker: CVE-2022-31212. Package: src:dbus-broker; Maintainer for src:dbus-broker is Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Wed, 22 Jun 2022 09:39:02 UTC; Severity: important; Tags: security ...
ALAS-2023-284 Amazon Linux 2022 Security Advisory: ALAS-2023-284 Advisory Release Date: 2023-01-31 21:11 Pacific Advisory Updated Date: 2023-01-31 21:11 Pac ...

Exploits

dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues ...