CVE-2015-8316

Published: Sep 6, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMCP request packet with no address.

Affected (6)

Products: Lightdm Project: Lightdm

Lightdm Project

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Lightdm Project Lightdm	Version 1.14.3
Lightdm Project Lightdm	Version 1.16.1
Lightdm Project Lightdm	Version 1.16.2
Lightdm Project Lightdm	Version 1.16.3
Lightdm Project Lightdm	Version 1.16.4
Lightdm Project Lightdm	Version 1.16

Related CWEs

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (6)

http://www.openwall.com/lists/oss-security/2015/11/22/1

Source: security@debian.org

Mailing ListVDB Entry

https://bugs.launchpad.net/lightdm/+bug/1516831

Source: security@debian.org

Issue TrackingThird Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1284574

Source: security@debian.org

Issue TrackingThird Party AdvisoryVDB Entry

http://www.openwall.com/lists/oss-security/2015/11/22/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListVDB Entry

https://bugs.launchpad.net/lightdm/+bug/1516831

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1284574

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party AdvisoryVDB Entry

Timeline

No history available yet.