AVG-879

Package gdm
Status Fixed
Severity High
Type access restriction bypass
Affected 3.30.2-2
Fixed 3.30.3-1
Current 3.32.0+2+g820f90f5-1 [extra]
Ticket None
Created Mon Feb 11 13:49:15 2019
Issue Severity Remote Type Description
CVE-2019-3825 High No Access restriction bypass
An issue has been found in gdm <= 3.30.2, allowing a local attacker with valid credentials to unlock the session for a different user than their own.
CVE-2019-3820 High No Access restriction bypass
A partial screen lock bypass via keybindings has been found in gdm <= 3.30.2, allowing a local attacker to unlock a session under certain circumstances.
Date Advisory Package Description
03 Mar 2019 ASA-201903-3 gdm access restriction bypass