CVE-2018-14424

The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.

Published : 2018-08-14 18:29 Updated : 2018-10-18 20:21

4.6
CVSS Score More info
Score 4.6 / 10
4.6
Vendor Product Version URI
Gnome Gnome Display Manager 3.29.1 cpe:/a:gnome:gnome_display_manager:3.29.1
  1. Gnome (1) Search CVE
    1. Gnome Display Manager (1) Search CVE
      1. 3.29.1

CWE

ID Name Description Links
CWE-416 Use After Free Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. CVE

History of changes

Date Event
2018-10-18 20:21
2018-09-06 10:29
2018-08-31 10:29
2018-08-15 10:29
2018-08-14 18:29

New CVE