dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "dbus-1-doc": "1.6.18-0ubuntu4.1", "libdbus-1-3": "1.6.18-0ubuntu4.1", "dbus": "1.6.18-0ubuntu4.1", "dbus-1-dbg": "1.6.18-0ubuntu4.1", "dbus-x11": "1.6.18-0ubuntu4.1", "libdbus-1-dev": "1.6.18-0ubuntu4.1" } ] }