Reachable assertion in dbus_set_host_name #453
PR #427 is already merged. That means this should be possible just by root. We want it fixed anyway. In general dots are quite poorly handled in almost all dbus methods using hostnames.

This issue appears to have CVE-2023-38471 assigned.
msekletar added a commit to msekletar/avahi that referenced this issue Oct 23, 2023
Previously we could create invalid escape sequence when we split the string on dot. For example, from valid host name "Foo\\.Bar" we have created invalid name "Foo\\" and tried to set that as a hostname which later crashed the daemon. Fixes avahi#453 CVE-2023-38471
msekletar added a commit to msekletar/avahi that referenced this issue Oct 23, 2023
Previously we could create invalid escape sequence when we split the string on dot. For example, from valid host name "foo\\.bar" we have created invalid name "foo\\" and tried to set that as a hostname which crashed the daemon. Fixes avahi#453 CVE-2023-38471
msekletar added a commit to msekletar/avahi that referenced this issue Oct 23, 2023
Previously we could create invalid escape sequence when we split the string on dot. For example, from valid host name "foo\\.bar" we have created invalid name "foo\\" and tried to set that as the host name which crashed the daemon. Fixes avahi#453 CVE-2023-38471
evverx pushed a commit that referenced this issue Oct 24, 2023
Previously we could create invalid escape sequence when we split the string on dot. For example, from valid host name "foo\\.bar" we have created invalid name "foo\\" and tried to set that as the host name which crashed the daemon. Fixes #453 CVE-2023-38471
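The splitting problem described in the commit message, as an added example that is not Avahi's code and not part of the original thread: a dot-only split of "foo\\.bar" yields a piece ending in a dangling backslash, while an escape-aware split keeps the escape sequence whole. The function names are hypothetical, and the rule that a backslash escapes the following byte is an assumption made for this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers for illustration; not Avahi's functions. */

/* Naive split: length of s up to the first '.', ignoring escapes. */
static size_t naive_label_len(const char *s) {
    return strcspn(s, ".");
}

/* Escape-aware split (assumption: a backslash escapes the next byte),
 * so "\." does not end the label. Returns the label length, or
 * (size_t)-1 if the string ends in a dangling backslash. */
static size_t escaped_label_len(const char *s) {
    size_t i = 0;
    while (s[i] && s[i] != '.') {
        if (s[i] == '\\') {
            if (!s[i + 1])
                return (size_t)-1;
            i++;                      /* skip the escaped byte */
        }
        i++;
    }
    return i;
}

/* Returns 1 if every backslash in s[0..len) is followed by another byte
 * inside that range, i.e. the piece holds no truncated escape sequence. */
static int escapes_complete(const char *s, size_t len) {
    for (size_t i = 0; i < len; i++)
        if (s[i] == '\\' && ++i >= len)
            return 0;
    return 1;
}

int main(void) {
    const char *name = "foo\\.bar";   /* host name from the commit message */
    size_t n = naive_label_len(name), e = escaped_label_len(name);
    printf("naive: \"%.*s\" complete=%d\n", (int)n, name, escapes_complete(name, n));
    printf("aware: \"%.*s\" complete=%d\n", (int)e, name, escapes_complete(name, e));
    return 0;
}
```

Running `escapes_complete` on any piece before it is used as a host name turns the malformed case into a rejected input rather than a state the daemon later asserts on.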
evverx added a commit to evverx/avahi that referenced this issue Oct 24, 2023
It's prompted by avahi#453
It can be triggered by unprivileged local users unless 1c599d8 is backported.