What is the severity of CVE-2014-0979?

CVE-2014-0979 has been classified as a medium severity vulnerability due to its potential to cause a denial of service.

How do I fix CVE-2014-0979?

To fix CVE-2014-0979, update LightDM GTK+ Greeter to version 1.7.1 or later.

What systems are affected by CVE-2014-0979?

CVE-2014-0979 affects LightDM GTK+ Greeter versions up to and including 1.7.0 and specific versions of openSUSE.

What type of vulnerability is CVE-2014-0979?

CVE-2014-0979 is a local denial of service vulnerability caused by improper handling of user input.

Can CVE-2014-0979 be exploited remotely?

No, CVE-2014-0979 can only be exploited by local users with access to the affected system.

Vulnerability/
CVE-2014-0979

low

2.1

CWE

476

23/1/2014

6/8/2024

CVE-2014-0979: Null Pointer Dereference

First published: Thu Jan 23 2014(Updated: )

The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
SUSE Linux	=12.2
SUSE Linux	=12.3
SUSE Linux	=13.1
LightDM GTK+ Greeter	<=1.7.0
LightDM GTK+ Greeter	=1.1.1
LightDM GTK+ Greeter	=1.1.2
LightDM GTK+ Greeter	=1.1.3
LightDM GTK+ Greeter	=1.1.4
LightDM GTK+ Greeter	=1.1.5
LightDM GTK+ Greeter	=1.1.6
LightDM GTK+ Greeter	=1.3.0
LightDM GTK+ Greeter	=1.3.1
LightDM GTK+ Greeter	=1.5.0
LightDM GTK+ Greeter	=1.5.1
LightDM GTK+ Greeter	=1.5.2
LightDM GTK+ Greeter	=1.6.0
LightDM GTK+ Greeter	=1.6.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0979?
CVE-2014-0979 has been classified as a medium severity vulnerability due to its potential to cause a denial of service.
How do I fix CVE-2014-0979?
To fix CVE-2014-0979, update LightDM GTK+ Greeter to version 1.7.1 or later.
What systems are affected by CVE-2014-0979?
CVE-2014-0979 affects LightDM GTK+ Greeter versions up to and including 1.7.0 and specific versions of openSUSE.
What type of vulnerability is CVE-2014-0979?
CVE-2014-0979 is a local denial of service vulnerability caused by improper handling of user input.
Can CVE-2014-0979 be exploited remotely?
No, CVE-2014-0979 can only be exploited by local users with access to the affected system.

agent/type
agent/references
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/opensuse
canonical/suse linux
version/suse linux/12.2
version/suse linux/12.3
version/suse linux/13.1
vendor/lightdm gtk\+ greeter project
canonical/lightdm gtk+ greeter
version/lightdm gtk+ greeter/1.7.0
version/lightdm gtk+ greeter/1.1.1
version/lightdm gtk+ greeter/1.1.2
version/lightdm gtk+ greeter/1.1.3
version/lightdm gtk+ greeter/1.1.4
version/lightdm gtk+ greeter/1.1.5
version/lightdm gtk+ greeter/1.1.6
version/lightdm gtk+ greeter/1.3.0
version/lightdm gtk+ greeter/1.3.1
version/lightdm gtk+ greeter/1.5.0
version/lightdm gtk+ greeter/1.5.1
version/lightdm gtk+ greeter/1.5.2
version/lightdm gtk+ greeter/1.6.0
version/lightdm gtk+ greeter/1.6.1