1.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.5%
CentOS Errata and Security Advisory CESA-2007:0777
Gdm (the GNOME Display Manager) is a highly configurable reimplementation
of xdm, the X Display Manager. Gdm allows you to log into your system with
the X Window System running and supports running several different X
sessions on your local machine at the same time.
A flaw was found in the way Gdm listens on its unix domain socket. A local
user could crash a running X session by writing malicious data to Gdmโs
unix domain socket. (CVE-2007-3381)
All users of gdm should upgrade to this updated package, which contains a
backported patch that resolves this issue.
Red Hat would like to thank JLANTHEA for reporting this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-August/076305.html
https://lists.centos.org/pipermail/centos-announce/2007-August/076306.html
Affected packages:
gdm
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0777
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | x86_64 | gdm | <ย 2.16.0-31.0.1.el5.centos | gdm-2.16.0-31.0.1.el5.centos.x86_64.rpm |
CentOS | 5 | i386 | gdm | <ย 2.16.0-31.0.1.el5.centos | gdm-2.16.0-31.0.1.el5.centos.i386.rpm |