desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #150572
[Bug 1516831] Re: XDMCP Request packet with no addresses crashes LightDM
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8316
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1516831
Title:
XDMCP Request packet with no addresses crashes LightDM
Status in Light Display Manager:
Fix Released
Status in Light Display Manager 1.14 series:
Fix Released
Status in Light Display Manager 1.16 series:
Fix Released
Status in lightdm package in Ubuntu:
Fix Committed
Status in lightdm source package in Wily:
Fix Committed
Bug description:
[Impact]
If LightDM receives an XDMCP Request packet with no addresses then it will attempt to access a negative index into an array and crash. This only occurs if the XDMCP server is enabled.
[Test Case]
1. Enable XDMCP in lightdm.conf:
[XDMCPServer]
enabled=true
2. Start LightDM
3. Send an XDMCP Request without an empty addresses field (valid XDMCP servers do not send this).
Expected result:
The request is ignored.
Observed result:
LightDM crashes.
To manage notifications about this bug go to:
https://bugs.launchpad.net/lightdm/+bug/1516831/+subscriptions