CVE-2022-42011

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
Configurations

Configuration 1

cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*
cpe:2.3:a:d-bus_project:d-bus:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

Information

Published : 2022-10-10 12:15

Updated : 2023-01-18 09:20


NVD link : CVE-2022-42011

Mitre link : CVE-2022-42011

Products Affected
No products.
CWE
CWE-129

Improper Validation of Array Index