Bug 1204113 - (CVE-2022-42012) VUL-0: CVE-2022-42012: dbus-1: dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed
(CVE-2022-42012)
VUL-0: CVE-2022-42012: dbus-1: dbus-marshal-byteswap: Byte-swap Unix fd index...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Simon Lees
Security Team bot
https://smash.suse.de/issue/344340/
CVSSv3.1:SUSE:CVE-2022-42012:4.4:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-10-07 07:05 UTC by Alexander Bergmann
Modified: 2023-01-23 08:15 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
stoyan.manolov: needinfo? (simonf.lees)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2022-10-07 07:05:06 UTC
CVE-2022-42012

* A message in non-native endianness with out-of-band Unix file descriptors
  would cause a use-after-free and possible memory corruption in production
  builds, or an assertion failure in debug builds. This was a regression in
  version 1.3.0. (dbus#417, CVE-2022-42012, fixed by
  https://gitlab.freedesktop.org/dbus/dbus/-/commit/236f16e444e88a984cf12b09225e0f8efa6c5b44)

References:
https://security-tracker.debian.org/tracker/dbus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42012
https://seclists.org/oss-sec/2022/q4/7
https://security-tracker.debian.org/tracker/DSA-5250-1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004543
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005889
Comment 4 Simon Lees 2022-10-17 09:12:16 UTC
Should be fixed in all standard streams
Comment 5 OBSbugzilla Bot 2022-10-26 09:55:06 UTC
This is an autogenerated message for OBS integration:
This bug (1204113) was mentioned in
https://build.opensuse.org/request/show/1031295 Factory / dbus-1
Comment 6 Swamp Workflow Management 2022-10-27 19:24:13 UTC
SUSE-SU-2022:3805-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1087072,1204111,1204112,1204113
CVE References: CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
openSUSE Leap 15.3 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Manager Server 4.1 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Manager Retail Branch Server 4.1 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Manager Proxy 4.1 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Micro 5.2 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise Micro 5.1 (src):    dbus-1-1.12.2-150100.8.14.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Enterprise Storage 7 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE Enterprise Storage 6 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1
SUSE CaaS Platform 4.0 (src):    dbus-1-1.12.2-150100.8.14.1, dbus-1-x11-1.12.2-150100.8.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-10-27 19:25:15 UTC
SUSE-SU-2022:3804-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1087072,1204111,1204112,1204113
CVE References: CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    dbus-1-1.8.22-29.24.1, dbus-1-x11-1.8.22-29.24.1
SUSE OpenStack Cloud 9 (src):    dbus-1-1.8.22-29.24.1, dbus-1-x11-1.8.22-29.24.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    dbus-1-1.8.22-29.24.1, dbus-1-x11-1.8.22-29.24.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    dbus-1-1.8.22-29.24.1, dbus-1-x11-1.8.22-29.24.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    dbus-1-1.8.22-29.24.1, dbus-1-x11-1.8.22-29.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-10-27 19:26:24 UTC
SUSE-SU-2022:3806-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1087072,1204111,1204112,1204113
CVE References: CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dbus-1-1.12.2-150400.18.5.1, dbus-1-x11-1.12.2-150400.18.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    dbus-1-1.12.2-150400.18.5.1, dbus-1-x11-1.12.2-150400.18.5.1
SUSE Linux Enterprise Micro 5.3 (src):    dbus-1-1.12.2-150400.18.5.1, dbus-1-x11-1.12.2-150400.18.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2022-11-29 20:41:32 UTC
SUSE-SU-2022:4295-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1087072,1204111,1204112,1204113
CVE References: CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
JIRA References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    dbus-1-1.8.22-38.1, dbus-1-x11-1.8.22-38.1
SUSE Linux Enterprise Server 12-SP5 (src):    dbus-1-1.8.22-38.1, dbus-1-x11-1.8.22-38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Hu 2022-12-13 08:28:00 UTC
Hi Simon, thanks a lot for your work!
Our tools still show this as affected in the following codestreams:

dbus-1:
SUSE:SLE-11-SP1:Update
SUSE:SLE-12:Update
SUSE:SLE-15:Update

Do you know what the status is there? Thanks!
Comment 13 Simon Lees 2022-12-13 12:32:15 UTC
(In reply to Hu from comment #12)
> Hi Simon, thanks a lot for your work!
> Our tools still show this as affected in the following codestreams:
> 
> dbus-1:
> SUSE:SLE-11-SP1:Update
> SUSE:SLE-12:Update
> SUSE:SLE-15:Update
> 
> Do you know what the status is there? Thanks!

As far as i'm aware these are all LTSS streams and the CVSS score doesn't meet the threashold to fix them there, based on the bug being introduced in version 1.3 they are probably all still affected. If I got anything wrong in that assessment please let me know.
Comment 14 Hu 2022-12-13 13:42:06 UTC
Ah, yes you are right, SUSE:SLE-12:Update and SUSE:SLE-15:Update don't need a fix.

However, SUSE:SLE-11-SP1:Update is still supported under l3, so it needs to be fixed: https://smelt.suse.de/maintained/?q=dbus-1
Comment 15 Simon Lees 2022-12-14 00:00:20 UTC
(In reply to Hu from comment #14)
> Ah, yes you are right, SUSE:SLE-12:Update and SUSE:SLE-15:Update don't need
> a fix.
> 
> However, SUSE:SLE-11-SP1:Update is still supported under l3, so it needs to
> be fixed: https://smelt.suse.de/maintained/?q=dbus-1

Sorry I could only see SLE-SERVER_11-SP3-TERADATA there and I am under the impression that Teradata only gets the same fixes as LTSS or has that changed?
Comment 17 Thomas Leroy 2022-12-30 10:26:17 UTC
(In reply to Simon Lees from comment #15)
> (In reply to Hu from comment #14)
> > Ah, yes you are right, SUSE:SLE-12:Update and SUSE:SLE-15:Update don't need
> > a fix.
> > 
> > However, SUSE:SLE-11-SP1:Update is still supported under l3, so it needs to
> > be fixed: https://smelt.suse.de/maintained/?q=dbus-1
> 
> Sorry I could only see SLE-SERVER_11-SP3-TERADATA there and I am under the
> impression that Teradata only gets the same fixes as LTSS or has that
> changed?

Any news for 11-SP3-TD Simon? :)