{"id":"CVE-2023-34969","details":"D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.","modified":"2026-04-10T04:59:42.179261Z","published":"2023-06-08T03:15:08.970Z","related":["ALSA-2023:4498","ALSA-2023:4569","SUSE-SU-2023:2876-1","SUSE-SU-2023:2877-1","SUSE-SU-2023:2879-1","openSUSE-SU-2024:12996-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20231208-0007/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00033.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZYCDRMD7B4XO4HF6C6YTLH4YUD7TANP/"},{"type":"FIX","url":"https://gitlab.freedesktop.org/dbus/dbus/-/issues/457"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.freedesktop.org/dbus/dbus","events":[{"introduced":"98294ab81a4d7ef00b6de5149344d92278c38593"},{"fixed":"7e3b7e12e5cb175722553ae950d46c39599f2a8a"},{"introduced":"6fd1509ba3677ac434176882fbf1ca5d7603651e"},{"fixed":"f90d4f16933ee5153fe02c405eb883c9cb8f0ad5"},{"introduced":"2770215f6cc31cf4723c71cfc67d2a505225d659"},{"fixed":"67ac3e6bc30bf545b7c2c21987a0242b65ddb3bf"}],"database_specific":{"versions":[{"introduced":"1.12.0"},{"fixed":"1.12.28"},{"introduced":"1.14.0"},{"fixed":"1.14.8"},{"introduced":"1.15.0"},{"fixed":"1.15.6"}]}}],"versions":["dbus-1.12.0","dbus-1.12.10","dbus-1.12.12","dbus-1.12.14","dbus-1.12.16","dbus-1.12.18","dbus-1.12.2","dbus-1.12.20","dbus-1.12.22","dbus-1.12.24","dbus-1.12.26","dbus-1.12.4","dbus-1.12.6","dbus-1.12.8","dbus-1.14.0","dbus-1.14.2","dbus-1.14.4","dbus-1.14.6","dbus-1.15.0","dbus-1.15.2","dbus-1.15.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34969.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}