Advisories » MGASA-2017-0248

Updated gdm packages fix security vulnerability

Publication date: 07 Aug 2017
Modification date: 07 Aug 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7496

Description

It was found that gdm could crash due to a signal handler dispatched to an
invalid conversation. An attacker could crash gdm by holding the escape key
when the screen is locked, possibly bypassing the locked screen
(CVE-2015-7496).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21450
• https://access.redhat.com/errata/RHSA-2017:2128
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7496

SRPMS

5/core

• gdm-3.14.2-5.1.mga5