{"id":"UBUNTU-CVE-2015-8316","details":"Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMCP request packet with no address.","modified":"2025-07-16T07:33:31.007606Z","published":"2017-09-06T21:29:00Z","withdrawn":"2025-07-18T16:43:18Z","upstream":["CVE-2015-8316"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8316"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2015/11/21/2"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2015-8316"}],"affected":[{"package":{"name":"lightdm","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/lightdm@1.17.2-0ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.17.2-0ubuntu1"}]}],"versions":["1.16.4-0ubuntu1","1.17.0-0ubuntu1","1.17.1-0ubuntu1","1.17.1-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.17.2-0ubuntu1","binary_name":"gir1.2-lightdm-1"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-gobject-1-0"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-gobject-1-0-dbgsym"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-gobject-1-dev"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-gobject-1-doc"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt-3-0"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt-3-0-dbgsym"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt-dev"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt5-3-0"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt5-3-0-dbgsym"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"liblightdm-qt5-3-dev"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"lightdm"},{"binary_version":"1.17.2-0ubuntu1","binary_name":"lightdm-dbgsym"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-8316.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}