Candidate: CVE-2014-0979
PublicDate: 2014-01-23 01:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0979
 https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449
 https://bugzilla.novell.com/show_bug.cgi?id=857303
Description:
 The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+
 Greeter before 1.7.1 does not properly handle the return value from the
 lightdm_greeter_get_authentication_user function, which allows local users
 to cause a denial of service (NULL pointer dereference) via an empty
 username.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734472
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_lightdm-gtk-greeter:
upstream_lightdm-gtk-greeter: released (1.6.1-5)
lucid_lightdm-gtk-greeter: DNE
precise_lightdm-gtk-greeter: ignored (reached end-of-life)
precise/esm_lightdm-gtk-greeter: DNE (precise was needed)
quantal_lightdm-gtk-greeter: ignored (reached end-of-life)
raring_lightdm-gtk-greeter: ignored (reached end-of-life)
saucy_lightdm-gtk-greeter: ignored (reached end-of-life)
trusty_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
trusty/esm_lightdm-gtk-greeter: DNE (trusty was not-affected [1.8.4-0ubuntu1])
utopic_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
vivid_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
vivid/stable-phone-overlay_lightdm-gtk-greeter: DNE
vivid/ubuntu-core_lightdm-gtk-greeter: DNE
wily_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
xenial_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
yakkety_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
zesty_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)
devel_lightdm-gtk-greeter: not-affected (1.8.4-0ubuntu1)