← Back

CVE-2014-0979

nvd nist
Published: Jan 23, 2014Modified: Apr 29, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username.

Affected (17)

Opensuse
1 product
Opensuse
Lightdm Gtk+ Greeter Project
1 product
Lightdm Gtk+ Greeter
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 12.2
Opensuse
Version 12.3
Opensuse
Version 13.1
Configuration B
14 vulnerable
Vulnerable SoftwareAffected Versions
Lightdm Gtk+ Greeter
Up to 1.7.0
Lightdm Gtk+ Greeter
Version 1.1.1
Lightdm Gtk+ Greeter
Version 1.1.2
Lightdm Gtk+ Greeter
Version 1.1.3
Lightdm Gtk+ Greeter
Version 1.1.4
Lightdm Gtk+ Greeter
Version 1.1.5
Lightdm Gtk+ Greeter
Version 1.1.6
Lightdm Gtk+ Greeter
Version 1.3.0
Lightdm Gtk+ Greeter
Version 1.3.1
Lightdm Gtk+ Greeter
Version 1.5.0
Lightdm Gtk+ Greeter
Version 1.5.1
Lightdm Gtk+ Greeter
Version 1.5.2
Lightdm Gtk+ Greeter
Version 1.6.0
Lightdm Gtk+ Greeter
Version 1.6.1

References (18)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.