An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-17T00:00:00
Updated: 2024-08-03T07:11:39.676Z
Reserved: 2022-05-19T00:00:00
Link: CVE-2022-31212
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-17T23:15:08.977
Modified: 2023-05-03T11:15:11.310
Link: CVE-2022-31212
Redhat