CVE-2020-27837 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	No
Type	Authentication bypass
Description	A security issue was found in gdm before version 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1380	gdm	3.38.2-1	3.38.2.1-1	Low	Fixed

References
https://bugzilla.redhat.com/show_bug.cgi?id=1906812 https://gitlab.gnome.org/GNOME/gdm/-/issues/660 https://gitlab.gnome.org/GNOME/gdm/-/commit/9b6d9b24a5f69674447c7bc9aacfab0988b914bd