CVE-2017-7358 log
| Source |
|
| Severity | High |
| Remote | No |
| Type | Privilege escalation |
| Description | In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-470 | lightdm | 1:1.22.0-1 | High | Not affected | FS#56116 |
| References |
|---|
http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/2478 |
| Notes |
|---|
We are not affected as this CVE is ubuntu-specific. The affected file (debian/guest-account.sh) is not shipped with the Arch Linux lightdm package. |