CVE-2025-66005
📋 TL;DR
This vulnerability in InputPlumber's D-Bus interface allows local attackers to bypass authorization checks. Attackers can cause denial-of-service, leak sensitive information, or potentially escalate privileges within the current user session. Only systems running vulnerable versions of InputPlumber are affected.
💻 Affected Systems
- InputPlumber
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Privilege escalation within the current user session, allowing attackers to execute arbitrary code with the user's privileges.
Likely Case
Local denial-of-service attacks disrupting input functionality or information leaks exposing session data.
If Mitigated
Limited impact with proper D-Bus security policies and user session isolation in place.
🎯 Exploit Status
Exploitation requires local access to the D-Bus interface but no authentication to InputPlumber itself.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v0.63.0
Vendor Advisory: https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html
Restart Required: Yes
Instructions:
1. Update InputPlumber to version 0.63.0 or later using your distribution's package manager.
2. Restart InputPlumber service or reboot the system.
🔧 Temporary Workarounds
Restrict D-Bus access
Linux: Configure D-Bus security policies to restrict access to InputPlumber's interface
sudo systemctl edit inputplumber.service
Add D-Bus security policy restrictions in the override file
Disable InputPlumber D-Bus interface
Linux: Disable the vulnerable D-Bus interface if not required
sudo systemctl stop inputplumber
sudo systemctl disable inputplumber
🧯 If You Can't Patch
- Implement strict D-Bus security policies to limit interface access to trusted users only
- Isolate user sessions and limit local access to systems running vulnerable versions
🔍 How to Verify
Check if Vulnerable:
Check InputPlumber version: inputplumber --version or check package version via distribution package manager
Check Version:
inputplumber --version 2>/dev/null || dpkg -l | grep inputplumber || rpm -q inputplumber
Verify Fix Applied:
Verify InputPlumber version is 0.63.0 or later and check D-Bus interface authorization is properly configured
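The version check above, written as a script that compares version fields numerically against the 0.63.0 patch version named on this page. This is an added example, not code from InputPlumber or the vendor advisory; the function names and the "fixed"/"outdated"/"unknown" labels are hypothetical, and it assumes the version output contains a dotted number such as 0.62.2.

```shell
#!/bin/sh
# Added example (not from InputPlumber): classify a version string against
# the patch version given on this page. Function names are hypothetical.
FIXED_VERSION="0.63.0"

# Pull the first dotted numeric version out of tool or package-manager output.
# Handles a leading "v", a dpkg epoch ("1:0.62.2-1") and rpm release suffixes.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+\.[0-9]+(\.[0-9]+)?' | head -n 1
}

# Return 0 if version $1 >= version $2. Fields are compared as numbers, so
# 0.100.0 ranks above 0.63.0 (a plain string comparison gets that wrong).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# Print "fixed", "outdated" or "unknown" for the given raw version output.
# "outdated" means older than 0.63.0 by number only; a distribution package
# may carry a backported fix, so confirm against the vendor advisory.
classify_inputplumber() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_ge "$ver" "$FIXED_VERSION"; then
        echo "fixed"
    else
        echo "outdated"
    fi
}

# Stand-alone use: "sh check.sh --live" queries this host.
if [ "${1:-}" = "--live" ]; then
    out=$(inputplumber --version 2>/dev/null || rpm -q inputplumber 2>/dev/null \
          || dpkg-query -W -f='${Version}' inputplumber 2>/dev/null || true)
    classify_inputplumber "$out"
fi
```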
📡 Detection & Monitoring
Log Indicators:
- Unauthorized D-Bus method calls to InputPlumber interface
- InputPlumber service crashes or abnormal behavior
Network Indicators:
- Local D-Bus traffic to InputPlumber interface from unexpected processes
SIEM Query:
process:inputplumber AND (event_type:dbus_access OR error:permission_denied)