Описание
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Ссылки
- Third Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.2 High
CVSS3
6.8 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup ...
EPSS
7.2 High
CVSS3
6.8 Medium
CVSS3
4.6 Medium
CVSS2