1.5 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
9.4%
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before
2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly
handle NULL return values from the g_strsplit function, which allows local
users to cause a denial of service (persistent daemon crash) via a crafted
command to the daemonโs socket, related to (1) gdm.c and (2) gdmconfig.c in
daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/.
Author | Note |
---|---|
kees | local denial of service (many other ways to cause local DoS) |