Denial of Service in GNOME Display Manager by Local User Actions
CVE-2013-7273

Currently unrated

Key Information:

Vendor: Gnome
Status: Gnome Display Manager
Vendor: CVE Published:; 29 April 2014

Summary

In GNOME Display Manager (gdm) 3.4.1 and earlier, the disable-user-list feature can lead to a denial of service when local users, after entering a username, press the cancel button. This action could prevent them from successfully logging in, effectively locking them out of their accounts. This vulnerability poses a risk where user experience can be significantly affected due to this unexpected behavior.

References

http://www.openwall.com/lists/oss-security/2014/01/07/10

mailing-listx_refsource_MLIST

https://bugzilla.gnome.org/show_bug.cgi?id=704284

x_refsource_MISC

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 29, 2014
Vulnerability Reserved
Jan 7, 2014