gdm3, bionic is vulnerable to remote code execution (RCE). The daemon in GDM does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
CPE | Name | Operator | Version |
---|---|---|---|
gdm3:bionic | eq | 3.28.0-0ubuntu1 | |
gdm3:bionic | eq | 3.28.0-0ubuntu1 |