Red Hat Bugzilla – Bug 1284574
CVE-2015-8316 lightdm: XDMCP request packet with no addresses crashes LightDM
Last modified: 2016-03-24 10:36:45 EDT
It was found that when XDMCP sercer is enabled and LightDM receives an XDMCP Request packet with no addresses, it will attempt to access a negative index into an array, causing denial of service.
Created lightdm tracking bugs for this issue:
Affects: fedora-all [bug 1284575]
per linked fedora bug,
According to the CVE_2015-8316 text, "some versions of LightDM (1.14 and 1.16 series) are vulnerable".
Fedora (and EPEL) ship lightdm-1.10.x, so it would appear we are safe, closing.