Unrated severityNVD Advisory· Published Aug 14, 2018· Updated Aug 5, 2024
CVE-2018-14424
CVE-2018-14424
Description
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
Affected products
6- osv-coords6 versionspkg:rpm/opensuse/gdm&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 3.38.2-2.7+ 5 more
- (no CPE)range: < 3.38.2-2.7
- (no CPE)range: < 3.10.0.1-54.6.3
- (no CPE)range: < 3.26.2.1-13.9.1
- (no CPE)range: < 3.10.0.1-54.6.3
- (no CPE)range: < 3.10.0.1-54.6.3
- (no CPE)range: < 3.10.0.1-54.6.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- usn.ubuntu.com/3737-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4270mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/105179mitrevdb-entryx_refsource_BID
- gitlab.gnome.org/GNOME/gdm/issues/401mitrex_refsource_CONFIRM
- lists.debian.org/debian-lts-announce/2018/09/msg00003.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.