{"id":"CVE-2018-14424","details":"The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.","modified":"2026-05-18T05:51:29.426036888Z","published":"2018-08-14T18:29:00.493Z","related":["SUSE-SU-2018:2527-1","SUSE-SU-2018:2771-1","openSUSE-SU-2024:10780-1"],"database_specific":{},"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/105179"},{"type":"ADVISORY","url":"https://gitlab.gnome.org/GNOME/gdm/issues/401"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3737-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4270"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00003.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/gdm","events":[{"introduced":"0"},{"last_affected":"354ee7e0987a0f23b148a8a857e20cdcae4d5bdc"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:gnome_display_manager:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.29.1"}]}}],"versions":["3.29.1","3.28.0","3.27.92","3.27.91","3.27.90","3.27.4","3.27.3","3.26.1","3.26.0","3.25.92","3.25.90","3.25.4.1","3.25.4","3.25.3","3.24.1","3.24.0","3.23.92","3.23.91.1","3.23.91","3.22.1","3.23.4","3.22.0","3.21.91","3.21.90","3.21.4","3.21.3","3.21.2","3.20.1","3.20.0","3.19.92","3.19.91","3.19.90","3.19.4.1","3.19.4","3.19.2","3.18.0","3.17.92","3.17.90","3.17.4","3.17.3.1","3.17.3","3.17.2","3.12.2","3.16.1.1","3.16.1","3.16.0.1","3.16.0","3.15.92","3.15.91.2","3.15.91.1","3.15.91","3.15.90.5","3.15.90.4","3.15.90.3","3.15.90.2","3.15.90.1","3.15.90","3.15.3.1","3.15.3","3.15.2","3.14.1","3.14.0","3.13.92","3.13.91","3.12.1","3.12.0","3.11.92.1","3.11.92","3.11.90","3.11.4","3.11.3","3.11.2","3.10.0.1","3.10.0","3.9.92","3.9.90","3.9.5","3.8.3","3.8.1.1","3.8.1","3.8.0","3.7.91","3.7.90","3.7.5","3.7.3.1","3.7.3","3.7.2","3.6.0","3.5.92.1","3.5.92","3.5.91","3.5.90","3.5.5","3.5.4.2","2.5.4.2","3.5.4.1","3.5.4","3.5.2","3.4.1","3.4.0.1","3.4.0","3.3.92.1","3.3.92","3.1.2","3.1.92","3.1.91","3.1.90","3.0.0","GDM_2_91_94","GDM_2_91_93","GDM_2_91_92","GDM_2_91_90","GDM_2_91_6","GDM_2_91_4","GDM_2_32_0","GDM_2_31_92","GDM_2_31_90","GDM_2_31_2","GDM_2_31_1","GDM_2_31_0","GDM_2_30_1","GDM_2_30_0","GDM_2_29_92","GDM_2_28_92","GDM_2_29_6","GDM_2_29_5","GDM_2_29_4","GDM_2_29_1","GDM_2_29_0","GDM_2_28_1","GDM_2_28_0","GDM_2_27_90","2.27.4","GDM_2_26_1","GDM_2_26_0","GDM_2_25_92","GDM_2_25_2","GDM_2_25_1","GDM_2_24_0","GDM_2_23_92","GDM_2_23_90","GDM_2_23_2","GDM_2_22_0","GDM_2_21_9","GDM_2_21_8","GDM_2_21_7","GDM_2_21_6","GDM_2_21_5","GDM_2_21_4","GDM_2_21_2","GDM_2_21_1","POST_SWITCH_TO_GOBJECT_BRANCH","GDM2_2_18_0","GDM2_2_17_8","GDM2_2_17_7","GDM2_2_17_6","GDM2_2_17_5","GDM2_2_17_4","GDM2_2_17_3","GDM2_2_17_2","GDM2_2_17_1","GDM2_2_17_0","GDM2_2_16_0","GDM2_2_15_10","GDM2_2_15_9","GDM2_2_15_8","GDM2_2_15_7","GDM2_2_15_6","GDM2_2_15_5","GDM2_2_15_4","GDM2_2_15_3","GDM2_2_15_2","GDM2_2_15_1","GDM2_2_15_0","GDM2_2_14_4","GDM2_2_14_3","GDM2_2_14_2","GDM2_2_14_1","GDM2_2_14_0","GDM2_2_13_0_10","GDM2_2_13_0_9","GDM2_2_13_0_8","GDM2_2_13_0_7","GDM2_2_13_0_6","GDM2_2_13_0_5","GDM2_2_13_0_4","GDM2_2_13_0_3","GDM2_2_13_0_2","GDM2_2_13_0_1","GDM2_2_13_0_0","gdm2","GDM2_2_8_0_1","GDM2_2_8_0_0","GDM2_2_6_0_8","GDM2_2_6_0_7","GDM2_2_6_0_6","GDM2_2_6_0_5","GDM2_2_6_0_4","GDM2_2_6_0_3","GDM2_2_6_0_2","GDM2_2_6_0_1","GDM2_2_6_0_0","GDM2_2_5_90_2","GDM2_2_5_90_1","GDM2_2_5_90_0","GDM2_2_4_4_5","GDM2_4_4_4","GDM2_2_4_4_3","GDM2_2_4_4_2","GDM2_2_4_4_1","GDM2_2_4_4_0","GDM2_2_4_2_102","GDM2_2_4_2_101","GDM2_2_4_2_100","GDM2_2_4_2_99","GDM2_2_4_2_98","GDM2_2_4_2_97","GDM2_2_4_2_96","GDM2_2_4_2_95","GDM2_2_4_1_3","GDM2_2_4_1_2","GDM2_2_4_1_1","GDM2_2_4_1_0","GDM2_2_4_0_11","GDM2_2_4_0_9","GDM2_2_4_0_8","GDM2_2_4_0_7","GDM2_2_4_0_6","GDM2_2_4_0_5","GDM2_2_4_0_4","GDM2_2_4_0_3","GDM2_2_4_0_2","GDM_2_4_0_1","GDM_2_4_0_0","GDM_2_3_90_6","GDM_2_3_90_5","GDM_2_3_90_4","GDM_2_3_90_3","GDM_2_3_90_2","GDM_2_3_90_1","GDM_2_2_ANCHOR","GDM_2_2_5_1","GDM_2_2_4_3","GDM_2_2_4_2","GDM_2_2_3_2","GDM_2_2_3","GDM2_2_2_2_1","GDM2_2_2_1","GNOME_PRINT_0_24","STABLE","GDM_2_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14424.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/gdm","events":[{"introduced":"0"},{"last_affected":"354ee7e0987a0f23b148a8a857e20cdcae4d5bdc"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:gnome_display_manager:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.29.1"}]}}],"versions":["3.29.1","3.28.0","3.27.92","3.27.91","3.27.90","3.27.4","3.27.3","3.26.1","3.26.0","3.25.92","3.25.90","3.25.4.1","3.25.4","3.25.3","3.24.1","3.24.0","3.23.92","3.23.91.1","3.23.91","3.22.1","3.23.4","3.22.0","3.21.91","3.21.90","3.21.4","3.21.3","3.21.2","3.20.1","3.20.0","3.19.92","3.19.91","3.19.90","3.19.4.1","3.19.4","3.19.2","3.18.0","3.17.92","3.17.90","3.17.4","3.17.3.1","3.17.3","3.17.2","3.12.2","3.16.1.1","3.16.1","3.16.0.1","3.16.0","3.15.92","3.15.91.2","3.15.91.1","3.15.91","3.15.90.5","3.15.90.4","3.15.90.3","3.15.90.2","3.15.90.1","3.15.90","3.15.3.1","3.15.3","3.15.2","3.14.1","3.14.0","3.13.92","3.13.91","3.12.1","3.12.0","3.11.92.1","3.11.92","3.11.90","3.11.4","3.11.3","3.11.2","3.10.0.1","3.10.0","3.9.92","3.9.90","3.9.5","3.8.3","3.8.1.1","3.8.1","3.8.0","3.7.91","3.7.90","3.7.5","3.7.3.1","3.7.3","3.7.2","3.6.0","3.5.92.1","3.5.92","3.5.91","3.5.90","3.5.5","3.5.4.2","2.5.4.2","3.5.4.1","3.5.4","3.5.2","3.4.1","3.4.0.1","3.4.0","3.3.92.1","3.3.92","3.1.2","3.1.92","3.1.91","3.1.90","3.0.0","GDM_2_91_94","GDM_2_91_93","GDM_2_91_92","GDM_2_91_90","GDM_2_91_6","GDM_2_91_4","GDM_2_32_0","GDM_2_31_92","GDM_2_31_90","GDM_2_31_2","GDM_2_31_1","GDM_2_31_0","GDM_2_30_1","GDM_2_30_0","GDM_2_29_92","GDM_2_28_92","GDM_2_29_6","GDM_2_29_5","GDM_2_29_4","GDM_2_29_1","GDM_2_29_0","GDM_2_28_1","GDM_2_28_0","GDM_2_27_90","2.27.4","GDM_2_26_1","GDM_2_26_0","GDM_2_25_92","GDM_2_25_2","GDM_2_25_1","GDM_2_24_0","GDM_2_23_92","GDM_2_23_90","GDM_2_23_2","GDM_2_22_0","GDM_2_21_9","GDM_2_21_8","GDM_2_21_7","GDM_2_21_6","GDM_2_21_5","GDM_2_21_4","GDM_2_21_2","GDM_2_21_1","POST_SWITCH_TO_GOBJECT_BRANCH","GDM2_2_18_0","GDM2_2_17_8","GDM2_2_17_7","GDM2_2_17_6","GDM2_2_17_5","GDM2_2_17_4","GDM2_2_17_3","GDM2_2_17_2","GDM2_2_17_1","GDM2_2_17_0","GDM2_2_16_0","GDM2_2_15_10","GDM2_2_15_9","GDM2_2_15_8","GDM2_2_15_7","GDM2_2_15_6","GDM2_2_15_5","GDM2_2_15_4","GDM2_2_15_3","GDM2_2_15_2","GDM2_2_15_1","GDM2_2_15_0","GDM2_2_14_4","GDM2_2_14_3","GDM2_2_14_2","GDM2_2_14_1","GDM2_2_14_0","GDM2_2_13_0_10","GDM2_2_13_0_9","GDM2_2_13_0_8","GDM2_2_13_0_7","GDM2_2_13_0_6","GDM2_2_13_0_5","GDM2_2_13_0_4","GDM2_2_13_0_3","GDM2_2_13_0_2","GDM2_2_13_0_1","GDM2_2_13_0_0","gdm2","GDM2_2_8_0_1","GDM2_2_8_0_0","GDM2_2_6_0_8","GDM2_2_6_0_7","GDM2_2_6_0_6","GDM2_2_6_0_5","GDM2_2_6_0_4","GDM2_2_6_0_3","GDM2_2_6_0_2","GDM2_2_6_0_1","GDM2_2_6_0_0","GDM2_2_5_90_2","GDM2_2_5_90_1","GDM2_2_5_90_0","GDM2_2_4_4_5","GDM2_4_4_4","GDM2_2_4_4_3","GDM2_2_4_4_2","GDM2_2_4_4_1","GDM2_2_4_4_0","GDM2_2_4_2_102","GDM2_2_4_2_101","GDM2_2_4_2_100","GDM2_2_4_2_99","GDM2_2_4_2_98","GDM2_2_4_2_97","GDM2_2_4_2_96","GDM2_2_4_2_95","GDM2_2_4_1_3","GDM2_2_4_1_2","GDM2_2_4_1_1","GDM2_2_4_1_0","GDM2_2_4_0_11","GDM2_2_4_0_9","GDM2_2_4_0_8","GDM2_2_4_0_7","GDM2_2_4_0_6","GDM2_2_4_0_5","GDM2_2_4_0_4","GDM2_2_4_0_3","GDM2_2_4_0_2","GDM_2_4_0_1","GDM_2_4_0_0","GDM_2_3_90_6","GDM_2_3_90_5","GDM_2_3_90_4","GDM_2_3_90_3","GDM_2_3_90_2","GDM_2_3_90_1","GDM_2_2_ANCHOR","GDM_2_2_5_1","GDM_2_2_4_3","GDM_2_2_4_2","GDM_2_2_3_2","GDM_2_2_3","GDM2_2_2_2_1","GDM2_2_2_1","GNOME_PRINT_0_24","STABLE","GDM_2_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14424.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}