oss-sec mailing list archives
Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference
From: Yves-Alexis Perez <corsac () debian org>
Date: Tue, 7 Jan 2014 14:39:50 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Tue, Jan 07, 2014 at 11:47:31AM +0100, Guido Berhoerster wrote:
Hi, an openSUSE user discovered that it is trivial to crash lightdm-gtk-greeter by entering an empty username due to a NULL pointer dereference. When a greeter crashes the lightdm daemon exits. This constitutes a local denial of service which can be triggered by any unprivileged attacker requiring the intervention of an administrator to restart lightdm. It affects all versions of lightdm-gtk-greeter. The initial downstream report is at https://bugzilla.novell.com/show_bug.cgi?id=857303, the bug has been reported upstream at https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449 and fixes for the 1.1 and 1.3 series are available at https://build.opensuse.org/package/view_file/home:gberh:branches:OBS_Maintained:lightdm-gtk-greeter/lightdm-gtk-greeter.openSUSE_12.2_Update/lightdm-gtk-greeter-handle-invalid-user.patch?expand=1 and https://build.opensuse.org/package/view_file/home:gberh:branches:OBS_Maintained:lightdm-gtk-greeter/lightdm-gtk-greeter.openSUSE_13.1_Update/lightdm-gtk-greeter-handle-invalid-user.patch?expand=1 Could a CVE be assigned to this issue please?
I can confirm the bug on Debian (lightdm-gtk-greeter 1.6.1-4 and 1.7.0-1) as well as that the patch above seems to correctly fix it. Regards, - -- Yves-Alexis Perez -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBCgAGBQJSzAOiAAoJEG3bU/KmdcClIVcH/iiWbn87U8CSi7Lpkw3qT/X5 eNgtg9uPflrkPUjmCq2GcagCZHWB8voKOGTZUaSQ9gE1vS/AsjcqZFt7vc+YYoEZ +IgR2jbJj/6qlFxB78kKKvscsxX0W5iwmRiTjwLwnCb6rt5AmnHm6Qp7KhEXM5mA DgHr+1zDzuQwQoGicDq+pU9yDxWrvXn/d0y1WbpYliqkh+Ao2jtl3CrboLsJaU/e scuxy0QDBaOWZAbgdUTWjhnERzTd9ZxC68IcsnXb3gdHw77TYzDOf8Muu9H0OV95 L4ClypusfRdsNR71hiG8c5+YxVxBiJayd4iDK7AXcmwZhWTpvxMK6ef78SjPXjs= =gy2y -----END PGP SIGNATURE-----
Current thread:
- CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Guido Berhoerster (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Yves-Alexis Perez (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Daniel Kahn Gillmor (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference cve-assign (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference Yves-Alexis Perez (Jan 07)
- Re: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference cve-assign (Jan 07)