The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of service (persistent daemon crash) via a crafted command to the daemon's socket, related to (1) gdm.c and (2) gdmconfig.c in daemon/, and (3) gdmconfig.c and (4) gdmflexiserver.c in gui/.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2007-08-07T10:00:00
Updated: 2024-08-07T14:14:12.887Z
Reserved: 2007-06-25T00:00:00
Link: CVE-2007-3381
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-08-07T10:17:00.000
Modified: 2024-11-21T00:33:05.940
Link: CVE-2007-3381
Redhat