Описание
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 3.26.0-1ubuntu1 |
| devel | released | 3.26.0-1ubuntu1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | not-affected | code not present |
Показывать по
Ссылки на источники
EPSS
6.9 Medium
CVSS2
4.1 Medium
CVSS3
Связанные уязвимости
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer se ...
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
EPSS
6.9 Medium
CVSS2
4.1 Medium
CVSS3