Denial of Service Vulnerability in GNOME Gedit Text Editor
CVE-2017-14108
5.5MEDIUM
Summary
A vulnerability in the libgedit.a library within GNOME's text editor, gedit, allows attackers to craft malicious files starting with a high number of null characters ('\0'). When processed, these files can trigger excessive CPU consumption, leading to a denial of service. This issue affects versions of gedit up to 3.22.1, making it critical for users to avoid opening untrusted files in the application.
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved