suse · CVE-2022-42010

Quick triage

Priority: low Published: 2022-10-08 11:42:11 UTC Updated: 2026-03-05 04:36:11 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-42010 severity low: SUSE including 394 source package names (0.23.1-12.3:dbus-1-1.12.2-150400.18.5.1, 0.23.1-12.3:libdbus-1-3-1.12.2-150400.18.5.1, …), 1235 product×package rows across 404 product lines (Container bci/bci-init, Container bci/kiwi, … (404 product lines)): Fixed 1125, Known Affected 110.

Description:

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.

cvelogic Threat Intelligence