SUSE-SU-2018:2527-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2018-14424

Published: 27 Aug 2018, 09:17

Last modified:04 Feb 2026, 02:17

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

27 Aug 2018, 09:17

Published

Vulnerability first disclosed

04 Feb 2026, 02:17

Last Modified

Vulnerability information updated

Description

Security update for gdm This update for gdm fixes the following security issue: - CVE-2018-14424: The daemon in GDM did not properly unexport display objects from its D-Bus interface when they are destroyed, which allowed a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution (bsc#1103737).

Affected Systems

suse•gdm&distro=SUSE Linux Enterprise Desktop 12 SP3
< 3.10.0.1-54.6.3
suse•gdm&distro=SUSE Linux Enterprise Server 12 SP3
< 3.10.0.1-54.6.3
suse•gdm&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 3.10.0.1-54.6.3
suse•gdm&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
< 3.10.0.1-54.6.3

SUSE-SU-2018:2527-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)