{"id":"OESA-2023-1375","summary":"dbus security update","details":"D-Bus is a message bus system, a simple way for applications to talk to one another. In addition to interprocess communication, D-Bus helps coordinate process lifecycle; it makes it simple and reliable to code a \"single instance\" application or daemon, and to launch applications and daemons on demand when their services are needed.\n\nSecurity Fix(es):\n\nD-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.(CVE-2023-34969)","modified":"2025-09-03T06:19:15.860457Z","published":"2023-06-27T11:05:26Z","upstream":["CVE-2023-34969"],"database_specific":{"severity":"Medium"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1375"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34969"}],"affected":[{"package":{"name":"dbus","ecosystem":"openEuler:20.03-LTS-SP1","purl":"pkg:rpm/openEuler/dbus&distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.16-20.oe1"}]}],"ecosystem_specific":{"src":["dbus-1.12.16-20.oe1.src.rpm"],"aarch64":["dbus-x11-1.12.16-20.oe1.aarch64.rpm","dbus-devel-1.12.16-20.oe1.aarch64.rpm","dbus-1.12.16-20.oe1.aarch64.rpm","dbus-tools-1.12.16-20.oe1.aarch64.rpm","dbus-libs-1.12.16-20.oe1.aarch64.rpm","dbus-debugsource-1.12.16-20.oe1.aarch64.rpm","dbus-debuginfo-1.12.16-20.oe1.aarch64.rpm","dbus-daemon-1.12.16-20.oe1.aarch64.rpm"],"noarch":["dbus-common-1.12.16-20.oe1.noarch.rpm","dbus-help-1.12.16-20.oe1.noarch.rpm"],"x86_64":["dbus-1.12.16-20.oe1.x86_64.rpm","dbus-debugsource-1.12.16-20.oe1.x86_64.rpm","dbus-debuginfo-1.12.16-20.oe1.x86_64.rpm","dbus-daemon-1.12.16-20.oe1.x86_64.rpm","dbus-devel-1.12.16-20.oe1.x86_64.rpm","dbus-x11-1.12.16-20.oe1.x86_64.rpm","dbus-tools-1.12.16-20.oe1.x86_64.rpm","dbus-libs-1.12.16-20.oe1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2023-1375.json"}},{"package":{"name":"dbus","ecosystem":"openEuler:20.03-LTS-SP3","purl":"pkg:rpm/openEuler/dbus&distro=openEuler-20.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.16-21.oe1"}]}],"ecosystem_specific":{"src":["dbus-1.12.16-21.oe1.src.rpm"],"aarch64":["dbus-tools-1.12.16-21.oe1.aarch64.rpm","dbus-daemon-1.12.16-21.oe1.aarch64.rpm","dbus-1.12.16-21.oe1.aarch64.rpm","dbus-x11-1.12.16-21.oe1.aarch64.rpm","dbus-debugsource-1.12.16-21.oe1.aarch64.rpm","dbus-devel-1.12.16-21.oe1.aarch64.rpm","dbus-libs-1.12.16-21.oe1.aarch64.rpm","dbus-debuginfo-1.12.16-21.oe1.aarch64.rpm"],"noarch":["dbus-common-1.12.16-21.oe1.noarch.rpm","dbus-help-1.12.16-21.oe1.noarch.rpm"],"x86_64":["dbus-debuginfo-1.12.16-21.oe1.x86_64.rpm","dbus-tools-1.12.16-21.oe1.x86_64.rpm","dbus-devel-1.12.16-21.oe1.x86_64.rpm","dbus-x11-1.12.16-21.oe1.x86_64.rpm","dbus-debugsource-1.12.16-21.oe1.x86_64.rpm","dbus-libs-1.12.16-21.oe1.x86_64.rpm","dbus-1.12.16-21.oe1.x86_64.rpm","dbus-daemon-1.12.16-21.oe1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2023-1375.json"}},{"package":{"name":"dbus","ecosystem":"openEuler:22.03-LTS","purl":"pkg:rpm/openEuler/dbus&distro=openEuler-22.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.20-9.oe2203sp1"}]}],"ecosystem_specific":{"src":["dbus-1.12.20-10.oe2203.src.rpm","dbus-1.12.20-9.oe2203sp1.src.rpm"],"aarch64":["dbus-debugsource-1.12.20-10.oe2203.aarch64.rpm","dbus-debuginfo-1.12.20-10.oe2203.aarch64.rpm","dbus-daemon-1.12.20-10.oe2203.aarch64.rpm","dbus-x11-1.12.20-10.oe2203.aarch64.rpm","dbus-devel-1.12.20-10.oe2203.aarch64.rpm","dbus-libs-1.12.20-10.oe2203.aarch64.rpm","dbus-1.12.20-10.oe2203.aarch64.rpm","dbus-tools-1.12.20-10.oe2203.aarch64.rpm","dbus-x11-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-libs-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-debugsource-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-devel-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-debuginfo-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-daemon-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-tools-1.12.20-9.oe2203sp1.aarch64.rpm"],"noarch":["dbus-common-1.12.20-10.oe2203.noarch.rpm","dbus-help-1.12.20-10.oe2203.noarch.rpm","dbus-common-1.12.20-9.oe2203sp1.noarch.rpm","dbus-help-1.12.20-9.oe2203sp1.noarch.rpm"],"x86_64":["dbus-devel-1.12.20-10.oe2203.x86_64.rpm","dbus-tools-1.12.20-10.oe2203.x86_64.rpm","dbus-1.12.20-10.oe2203.x86_64.rpm","dbus-debugsource-1.12.20-10.oe2203.x86_64.rpm","dbus-debuginfo-1.12.20-10.oe2203.x86_64.rpm","dbus-libs-1.12.20-10.oe2203.x86_64.rpm","dbus-daemon-1.12.20-10.oe2203.x86_64.rpm","dbus-x11-1.12.20-10.oe2203.x86_64.rpm","dbus-tools-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-debuginfo-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-debugsource-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-x11-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-daemon-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-libs-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-devel-1.12.20-9.oe2203sp1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2023-1375.json"}},{"package":{"name":"dbus","ecosystem":"openEuler:22.03-LTS-SP1","purl":"pkg:rpm/openEuler/dbus&distro=openEuler-22.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.20-9.oe2203sp1"}]}],"ecosystem_specific":{"src":["dbus-1.12.20-9.oe2203sp1.src.rpm"],"aarch64":["dbus-x11-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-libs-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-debugsource-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-devel-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-debuginfo-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-daemon-1.12.20-9.oe2203sp1.aarch64.rpm","dbus-tools-1.12.20-9.oe2203sp1.aarch64.rpm"],"noarch":["dbus-common-1.12.20-9.oe2203sp1.noarch.rpm","dbus-help-1.12.20-9.oe2203sp1.noarch.rpm"],"x86_64":["dbus-tools-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-debuginfo-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-debugsource-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-x11-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-daemon-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-libs-1.12.20-9.oe2203sp1.x86_64.rpm","dbus-devel-1.12.20-9.oe2203sp1.x86_64.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2023-1375.json"}}],"schema_version":"1.7.3"}