rpm package
suse/gdm&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/gdm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-16125 | — | < 3.10.0.1-54.17.2 | 3.10.0.1-54.17.2 | Nov 10, 2020 | gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a | ||
| CVE-2018-14424 | — | < 3.10.0.1-54.6.3 | 3.10.0.1-54.6.3 | Aug 14, 2018 | The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or pote |
- CVE-2020-16125Nov 10, 2020affected < 3.10.0.1-54.17.2fixed 3.10.0.1-54.17.2
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a
- CVE-2018-14424Aug 14, 2018affected < 3.10.0.1-54.6.3fixed 3.10.0.1-54.6.3
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or pote