Simon McVittie discovered a local denial of service flaw in dbus, an
asynchronous inter-process communication system. On systems with
systemd-style service activation, dbus-daemon does not prevent forged
ActivationFailure messages from non-root processes. A malicious local
user could use this flaw to trick dbus-daemon into thinking that systemd
failed to activate a system service, resulting in an error reply back to
the requester.