rpm package
suse/gdm&distro=SUSE Linux Enterprise Module for Desktop Applications 15
pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3825 | — | < 3.26.2.1-13.19.2 | 3.26.2.1-13.19.2 | Feb 6, 2019 | A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session. | ||
| CVE-2018-14424 | — | < 3.26.2.1-13.9.1 | 3.26.2.1-13.9.1 | Aug 14, 2018 | The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or pote |
- CVE-2019-3825Feb 6, 2019affected < 3.26.2.1-13.19.2fixed 3.26.2.1-13.19.2
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
- CVE-2018-14424Aug 14, 2018affected < 3.26.2.1-13.9.1fixed 3.26.2.1-13.9.1
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or pote