9 matches found
CVE-2026-25704
A flaw was found in cosmic-greeter. This vulnerability is a Time-of-check Time-of-use TOCTOU race condition, which occurs when an application checks for a condition and then uses the result of that check, but the condition changes between the check and the use. A local attacker can exploit this...
EUVD-2026-17067
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-25704
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-25704
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-25704 Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-25704
The CVE-2026-25704 entry concerns cosmic-greeter and describes a TOCTOU race condition that can allow a local attacker to regain privileges that should have been dropped due to incomplete privilege dropping in the GetUserData flow. Multiple connected feeds corroborate that the issue affects cosmi...
CVE-2026-25704 Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use TOCTOU Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
cosmic-greeter 安全漏洞
Cosmic-Greeter is a login manager open source from Pop!OS. Cosmic-Greeter has a security vulnerability, which stems from privilege disposal or reduction errors, as well as race conditions. This could allow attackers to reacquire discarded privileges and exploit the competing check logic...
PT-2026-28805
Name of the Vulnerable Software and Affected Versions cosmic-greeter versions prior to https://github.Com/pop-os/cosmic-greeter/pull/426 Description A Time-of-check Time-of-use TOCTOU race condition exists in cosmic-greeter. This condition can allow an attacker to regain privileges that should ha...