The daemon in GDM up to and including 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local malicious user to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome gnome display manager |