View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-42011 severity moderate: SUSE including 395 source package names (0.23.1-12.3:dbus-1-1.12.2-150400.18.5.1, 0.23.1-12.3:libdbus-1-3-1.12.2-150400.18.5.1, …), 1236 product×package rows across 405 product lines (Container bci/bci-init, Container bci/kiwi, … (405 product lines)): Fixed 1125, Known Affected 110, Known Not Affected 1.
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.