Lucene search
MitreCVELIST:CVE-2017-11171HistoryOct 03, 2022 - 4:23 p.m.
CVE-2017-11171
2022-10-0316:23:04
mitre
www.cve.org
gnome-session
local attacker
cpu consumption
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish ICE connections to gnome-session with invalid authentication data (an invalid magic cookie). Each failed authentication attempt will leak a file descriptor in gnome-session. When the maximum number of file descriptors is exhausted in the gnome-session process, it will enter an infinite loop trying to communicate without success, consuming 100% of the CPU. The graphical session associated with the gnome-session process will stop working correctly, because communication with gnome-session is no longer possible.
Related
nessus
nessus
RHEL 6 : gnome-session (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : gnome-session (Unpatched Vulnerability)
2024-06-03 00:00:00
SUSE SLES11 Security Update : gnome-session (SUSE-SU-2017:2173-1)
2017-08-17 00:00:00
nvd
nvd
CVE-2017-11171
2017-07-11 20:29:00
prion
prion
Authentication flaw
2017-07-11 20:29:00
osv
osv
CVE-2017-11171
2017-07-11 20:29:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2173-1)
2021-06-09 00:00:00
cve
cve
CVE-2017-11171
2022-10-03 16:23:04
debiancve
debiancve
CVE-2017-11171
2022-10-03 16:23:04
redhatcve
redhatcve
CVE-2017-11171
2017-07-13 14:19:21
ubuntucve
ubuntucve
CVE-2017-11171
2017-07-11 00:00:00