3 matches found
MGASA-2021-0003 Updated gdm packages fix a security vulnerability
Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user...
MGASA-2018-0056 Updated gdm packages fix security vulnerability
Updated gdm packages fix security vulnerability: A flaw was discovered in the gdm where gdm greeter was no longer setting the ranonce boolean during autologin. If autologin was enable for a victim, an attacker could simply select 'login as another user' to unlock their screen CVE-2017-12164...
MGASA-2017-0248 Updated gdm packages fix security vulnerability
It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen CVE-2015-7496...