The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-08-07T10:00:00

Updated: 2024-08-07T14:14:12.887Z

Reserved: 2007-06-25T00:00:00

Link: CVE-2007-3381

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-08-07T10:17:00.000

Modified: 2024-11-21T00:33:05.940

Link: CVE-2007-3381

cve-icon Redhat

Severity : Moderate

Publid Date: 2007-07-30T00:00:00Z

Links: CVE-2007-3381 - Bugzilla