The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
CPE | Name | Operator | Version |
---|---|---|---|
gdm | eq | GDM2_2_16_0 | |
gdm | eq | GDM_2_31_0 | |
gdm | eq | 3.15.90 | |
gdm | eq | 3.15.90.3 | |
gdm | eq | 3.19.2 | |
gdm | eq | GDM2_2_6_0_1 | |
gdm | eq | GDM_2_2_5_1 | |
gdm | eq | 3.19.90 | |
gdm | eq | GDM2_2_4_2_99 | |
gdm | eq | 3.1.91 |