suse · CVE-2022-42011

Quick triage

Priority: medium Published: 2022-10-08 11:42:11 UTC Updated: 2026-03-05 04:36:10 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-42011 severity moderate: SUSE including 395 source package names (0.23.1-12.3:dbus-1-1.12.2-150400.18.5.1, 0.23.1-12.3:libdbus-1-3-1.12.2-150400.18.5.1, …), 1236 product×package rows across 405 product lines (Container bci/bci-init, Container bci/kiwi, … (405 product lines)): Fixed 1125, Known Affected 110, Known Not Affected 1.

Description:

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.

cvelogic Threat Intelligence