CentOS Errata and Security Advisory CESA-2007:0777
Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time.
A flaw was found in the way Gdm listens on its unix domain socket. A local user could crash a running X session by writing malicious data to Gdm's unix domain socket. (CVE-2007-3381)
All users of gdm should upgrade to this updated package, which contains a backported patch that resolves this issue.
Red Hat would like to thank JLANTHEA for reporting this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-August/026181.html http://lists.centos.org/pipermail/centos-announce/2007-August/026182.html
Affected packages: gdm
Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0777.html