gdm

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Display manager and login screen
Version 41.0+r15+g23ebe617-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1380 3.38.2-1 3.38.2.1-1 Low Fixed
AVG-1264 3.38.1-3 3.38.2-1 High Fixed
AVG-879 3.30.2-2 3.30.3-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2020-27837 AVG-1380 Low No Authentication bypass
A security issue was found in gdm before version 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen...
CVE-2020-16125 AVG-1264 High No Privilege escalation
gdm before 3.38.2 can be tricked into launching gnome-initial-setup, enabling an unprivileged user to create a new user account for themselves. The new...
CVE-2019-3825 AVG-879 High No Access restriction bypass
An issue has been found in gdm <= 3.30.2, allowing a local attacker with valid credentials to unlock the session for a different user than their own.
CVE-2019-3820 AVG-879 High No Access restriction bypass
A partial screen lock bypass via keybindings has been found in gdm <= 3.30.2, allowing a local attacker to unlock a session under certain circumstances.

Advisories

Date Advisory Group Severity Type
10 Nov 2020 ASA-202011-5 AVG-1264 High privilege escalation
03 Mar 2019 ASA-201903-3 AVG-879 High access restriction bypass