CVE-2013-7273

GNOME Display Manager < 3.4.1 - Denial of Service via Cancel Button After Username Entry

Title source: llm

Description

GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name.

References (5)

Core 5

Core References

Issue Tracking x_refsource_confirm

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2014/01/07/10

Issue Tracking x_refsource_misc

https://bugzilla.gnome.org/show_bug.cgi?id=704284

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2014/01/07/16

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=1050745

Scores

EPSS 0.0007

EPSS Percentile 20.7%

Details

Status published

Products (16)

gnome/gnome_display_manager 3.0.0

gnome/gnome_display_manager 3.0.2

gnome/gnome_display_manager 3.0.3

gnome/gnome_display_manager 3.0.4

gnome/gnome_display_manager 3.1.2

gnome/gnome_display_manager 3.1.90

gnome/gnome_display_manager 3.1.91

gnome/gnome_display_manager 3.1.92

gnome/gnome_display_manager 3.2.0

gnome/gnome_display_manager 3.2.1

... and 6 more

Published Apr 29, 2014

Tracked Since Feb 18, 2026