CVE-2022-31213 About dbus-broker design weakness (17th July 2022)

Preface: A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. Furthermore, NULL pointer dereference issues can occur through a number of flaws including race conditions.

Background: D-Bus is an inter-process communication (IPC) mechanism initially designed to replace the software component communications systems used by the GNOME and KDE Linux desktop environments. The dbus-broker project is an implementation of a message bus as defined by the D-Bus specification.

Project using D-Bus

  • KDE: A desktop environment based on Qt
  • Gnome: A desktop environment based on gtk
  • Systemd: An init system
  • Network-manager: A daemon to manage network interfaces
  • Bluez: A project adding Bluetooth support under Linux

dbus-broker is an implementation of the D-Bus Message Bus Specification. Each instance provides a single, unique message bus that clients can connect to, and send messages over. The broker takes care of message mediation, access control, subscriptions, and bus control, according to the D-Bus specification.

Vulnerability details: An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.

Ref: Expat is a library, written in C, for parsing XML documents. The goal of a parser is to transform XML into a readable code. XML parser is a software library or a package that provides interface for client applications to work with XML documents. It checks for proper format of the XML document and may also validate the XML documents.

Solution: Update to the latest version –

Proof of concept and related technical matters – refer to the link

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.