The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of D-Bus: denial of service via endianness

Synthesis of the vulnerability 

A local attacker can send a D-Bus message with an invalid endianness, in order to stop the service.
Impacted products: Fedora, openSUSE, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive.
Severity of this bulletin: 1/4.
Creation date: 13/06/2011.
References of this threat: 38120, BID-48216, CVE-2011-2200, FEDORA-2011-9817, FEDORA-2011-9891, openSUSE-SU-2011:0880-1, RHSA-2011:1132-01, SUSE-SU-2011:0752-1, VIGILANCE-VUL-10725.

Description of the vulnerability 

The D-Bus service is used by applications to communicate via messages sent on a bus.

The format of messages depends on the endianness (big endian or little endian) of the processor. The first byte of a D-Bus message indicates its endianness.

When the libdbus library processes a message with a different endianness, the _dbus_header_byteswap() function in the dbus/dbus-marshal-header.c file swaps the byte order of the message. To do so it rewrites the multi-byte fields, but it forgets to update the first byte of the message. Because that byte still announces the original endianness, applications decode the fields with the wrong byte order, obtain invalid values, and stop.

A local attacker can therefore send a D-Bus message with an invalid endianness, in order to stop the service.
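As an added illustration (not Vigil@nce's code and not the D-Bus project's), the C program below models the fixed 16-byte D-Bus header as laid out in the D-Bus specification (marker byte 'l' or 'B', message type, flags, protocol version, then three uint32 fields) and contrasts a byteswap that forgets the marker byte with one that updates it. The swap routines and the sample message are simplified models written for this example, not libdbus's _dbus_header_byteswap(); the receiving parser shows the defensive check a consumer should apply anyway: reject a header whose declared lengths do not fit in the buffer instead of decoding garbage.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Endianness marker values from the D-Bus wire format: 'l' little, 'B' big. */
#define DBUS_LITTLE_ENDIAN    'l'
#define DBUS_BIG_ENDIAN       'B'
#define DBUS_HEADER_FIXED_LEN 16   /* 4 single bytes + 3 uint32 fields */
#define SAMPLE_LEN            24   /* constructed sample: 16-byte header + 8-byte body */

typedef struct {
    uint8_t  endian, type, flags, version; /* bytes 0..3 */
    uint32_t body_length;                  /* bytes 4..7 */
    uint32_t serial;                       /* bytes 8..11 */
    uint32_t fields_length;                /* bytes 12..15: header field array length */
} dbus_header_t;

/* Read a uint32 in the byte order the message's marker byte claims. */
static uint32_t read_u32(const uint8_t *p, uint8_t endian)
{
    if (endian == DBUS_LITTLE_ENDIAN)
        return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Parse the fixed header and reject what cannot be trusted: unknown marker,
 * unsupported protocol version, or declared lengths that exceed the buffer.
 * (The 8-byte padding after the field array is ignored here for brevity.)
 * Returns 0 on success, -1 on rejection; decoded fields are written before the
 * length checks so a caller can still inspect the value that was rejected. */
int dbus_parse_header(const uint8_t *buf, size_t len, dbus_header_t *out)
{
    if (len < DBUS_HEADER_FIXED_LEN) return -1;
    if (buf[0] != DBUS_LITTLE_ENDIAN && buf[0] != DBUS_BIG_ENDIAN) return -1;
    if (buf[3] != 1) return -1;
    out->endian = buf[0]; out->type = buf[1]; out->flags = buf[2]; out->version = buf[3];
    out->body_length   = read_u32(buf + 4, buf[0]);
    out->serial        = read_u32(buf + 8, buf[0]);
    out->fields_length = read_u32(buf + 12, buf[0]);
    if (out->fields_length > len - DBUS_HEADER_FIXED_LEN) return -1;
    if (out->body_length > len - DBUS_HEADER_FIXED_LEN - out->fields_length) return -1;
    return 0;
}

static void swap32_in_place(uint8_t *p)
{
    uint8_t t;
    t = p[0]; p[0] = p[3]; p[3] = t;
    t = p[1]; p[1] = p[2]; p[2] = t;
}

/* Reverse every multi-byte field of the fixed header. */
static void swap_header_fields(uint8_t *hdr)
{
    swap32_in_place(hdr + 4);
    swap32_in_place(hdr + 8);
    swap32_in_place(hdr + 12);
}

/* Defective model (hypothetical, mirrors the bulletin's description): the data
 * is swapped, but byte 0 still claims the old byte order. */
void header_byteswap_buggy(uint8_t *hdr)
{
    swap_header_fields(hdr);
}

/* Corrected model: the marker is flipped so it describes the swapped data. */
void header_byteswap_fixed(uint8_t *hdr)
{
    swap_header_fields(hdr);
    hdr[0] = (hdr[0] == DBUS_LITTLE_ENDIAN) ? DBUS_BIG_ENDIAN : DBUS_LITTLE_ENDIAN;
}

/* Constructed sample: little-endian METHOD_CALL, serial 1, 8-byte body, no header fields. */
void sample_message(uint8_t out[SAMPLE_LEN])
{
    static const uint8_t msg[SAMPLE_LEN] = {
        'l', 1, 0, 1,            /* marker, type = METHOD_CALL (1), flags, version */
        8, 0, 0, 0,              /* body_length = 8 (little-endian) */
        1, 0, 0, 0,              /* serial = 1 */
        0, 0, 0, 0,              /* fields_length = 0 */
        0, 0, 0, 0, 0, 0, 0, 0   /* body */
    };
    memcpy(out, msg, SAMPLE_LEN);
}

/* Apply `swap` (NULL = leave the message untouched) to the sample, then parse.
 * Returns the parser's verdict: 0 accepted, -1 rejected. */
int parse_result_after(void (*swap)(uint8_t *))
{
    uint8_t msg[SAMPLE_LEN];
    dbus_header_t h = {0};
    sample_message(msg);
    if (swap) swap(msg);
    return dbus_parse_header(msg, SAMPLE_LEN, &h);
}

/* Same, but return the body length as decoded through the marker byte. */
uint32_t body_length_after(void (*swap)(uint8_t *))
{
    uint8_t msg[SAMPLE_LEN];
    dbus_header_t h = {0};
    sample_message(msg);
    if (swap) swap(msg);
    (void)dbus_parse_header(msg, SAMPLE_LEN, &h);
    return h.body_length;
}

int main(void)
{
    printf("original: verdict %d, body_length %" PRIu32 "\n", parse_result_after(NULL), body_length_after(NULL));
    printf("buggy   : verdict %d, body_length %" PRIu32 "\n", parse_result_after(header_byteswap_buggy), body_length_after(header_byteswap_buggy));
    printf("fixed   : verdict %d, body_length %" PRIu32 "\n", parse_result_after(header_byteswap_fixed), body_length_after(header_byteswap_fixed));
    return 0;
}
```

With the defective swap, the marker still reads 'l' while the length bytes are now big-endian, so a body length of 8 decodes as 134217728; a consumer that trusted that value would read far past the message. The corrected swap yields a consistent header that decodes to 8 again, and the length check in the parser turns the inconsistent case into a rejected message rather than a crash.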

This bulletin affects software or systems such as Fedora, openSUSE, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this security bulletin is low.

The trust level is: confirmed by the editor; the attack origin is: user shell.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

D-Bus: version 1.4.12.
Version 1.4.12 is fixed:
  http://dbus.freedesktop.org/releases/dbus/

D-Bus: version 1.2.28.
Version 1.2.28 is fixed:
  http://dbus.freedesktop.org/releases/dbus/

D-Bus: patch for endianness.
A patch is available in information sources.

Fedora: new dbus packages.
New packages are available:
  dbus-1.4.0-3.fc14
  dbus-1.4.6-5.fc15

RHEL 5, 6: new dbus packages.
New packages are available:
  dbus-1.1.2-16.el5_7
  dbus-1.2.24-5.el6_1

Solaris 10: patch for D-Bus.
A patch is available:
  SPARC: 148002-01
  X86: 148003-01

SUSE: new dbus-1 packages.
New packages are available, as indicated in information sources.
