dbus-1.10.24-14.el7

エラータID: AXSA:2020-220:01

Release date: 
Wednesday, July 15, 2020 - 02:22
Subject: 
dbus-1.10.24-14.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

Security Fix(es):

* dbus: denial of service via file descriptor leak (CVE-2020-12049)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-12049
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Solution: 

Update packages.

CVEs: 
CVE-2020-12049
An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.
Additional Info: 

N/A

Download: 

SRPMS
  1. dbus-1.10.24-14.el7.src.rpm
    MD5: 6771516aad90bd85788a9be57711e896
    SHA-256: 371b1120280d2d5a6e7a828eefd78ab19b10a9af4a3e7821162aaaee88cfe87f
    Size: 1.96 MB

Asianux Server 7 for x86_64
  1. dbus-1.10.24-14.el7.x86_64.rpm
    MD5: 1158d0fc148f7166b2028fb0e3ca702b
    SHA-256: 1ad59d892911b1e11e10a79873fcc1980c552199a1612879a5225c260170f475
    Size: 240.40 kB
  2. dbus-devel-1.10.24-14.el7.x86_64.rpm
    MD5: 8daf155cd58859054da3f9f95dc93701
    SHA-256: c72678c4837c883c174e0dfc826b885c791859f35340c187792f788c723adf94
    Size: 53.20 kB
  3. dbus-libs-1.10.24-14.el7.x86_64.rpm
    MD5: a0b91253202eb848b534ff40cdad9576
    SHA-256: 75fd916c1512e3c27f068e96bffd673fa96ea3f5217400e8f2e2655e63aba338
    Size: 168.28 kB
  4. dbus-x11-1.10.24-14.el7.x86_64.rpm
    MD5: cbca29ec697f95423b80a2bbdfa194f8
    SHA-256: c81dae211ba0d9a3c4b9912b72db0754f7c9904238f824a7d27a8b5ee9a0d346
    Size: 46.97 kB
  5. dbus-devel-1.10.24-14.el7.i686.rpm
    MD5: 0173a0431fa284ca4ba38ca84334e960
    SHA-256: f2a84610498b7d9e7fb6a9cb160faacfa7f06b45d6aa38b4ed95dfcda6035a7c
    Size: 53.23 kB
  6. dbus-libs-1.10.24-14.el7.i686.rpm
    MD5: 40cbdfd8c209ef889cfcae0785ccfeb7
    SHA-256: a3e726d2ae62e18d07b45e3d1ba166006a0aac91a541e3b7029475067dc30783
    Size: 168.87 kB