Unrated severityNVD Advisory· Published Oct 7, 2008· Updated Apr 23, 2026
CVE-2008-3834
CVE-2008-3834
Description
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Affected products
44cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*+ 39 more
- cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*range: <=1.1.4
- cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:freedesktop:dbus1.0:rc1:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus1.0:rc2:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus1.0:rc3:*:*:*:*:*:*:*
- cpe:2.3:a:freedesktop:dbus1.1.0:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
22- secunia.com/advisories/32127nvdVendor Advisory
- kb.juniper.net/InfoCenter/indexnvd
- lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.htmlnvd
- lists.opensuse.org/opensuse-updates/2012-10/msg00094.htmlnvd
- secunia.com/advisories/32230nvd
- secunia.com/advisories/32281nvd
- secunia.com/advisories/32385nvd
- secunia.com/advisories/33396nvd
- www.debian.org/security/2008/dsa-1658nvd
- www.freedesktop.org/wiki/Software/dbusnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2009-0008.htmlnvd
- www.securityfocus.com/bid/31602nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-653-1nvd
- www.vupen.com/english/advisories/2008/2762nvd
- bugs.freedesktop.org/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45701nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253nvd
- www.exploit-db.com/exploits/7822nvd
- www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.htmlnvd
News mentions
0No linked articles in our index yet.