CVE-2017-12164
published 2018-07-26CVE-2017-12164: A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an…
PriorityP422medium6.4CVSS 3.0
AVPACHPRNUINSUCHIHAH
EPSS
0.39%
30.4th percentile
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdm3 | < gdm3 3.38.2.1-1 (bookworm) | gdm3 3.38.2.1-1 (bookworm) |
| debian | gdm3 | < gdm3 3.26.0-1 (bookworm) | gdm3 3.26.0-1 (bookworm) |
| gnome | gnome_display_manager | < 3.38.2.1 | 3.38.2.1 |
| gnome | gnome_display_manager | — | — |
CVSS provenance
nvdv3.06.4MEDIUMCVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.4MEDIUM
vendor_debian4.1MEDIUM
vendor_redhat4.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xpm4-75c2-wrgc: A flaw was found in GDM in versions prior to 3
ghsa_unreviewed·2022-05-24·CVSS 4.1
CVE-2020-27837 [MEDIUM] CWE-362 GHSA-xpm4-75c2-wrgc: A flaw was found in GDM in versions prior to 3
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
GHSA
GHSA-87vr-968r-r3qp: A flaw was discovered in gdm 3
ghsa_unreviewed·2022-05-13
CVE-2017-12164 [MEDIUM] CWE-665 GHSA-87vr-968r-r3qp: A flaw was discovered in gdm 3
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
OSV
CVE-2020-27837: A flaw was found in GDM in versions prior to 3
osv·2020-12-28·CVSS 6.4
CVE-2020-27837 [MEDIUM] CVE-2020-27837: A flaw was found in GDM in versions prior to 3
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
OSV
CVE-2017-12164: A flaw was discovered in gdm 3
osv·2018-07-26·CVSS 6.4
CVE-2017-12164 [MEDIUM] CVE-2017-12164: A flaw was discovered in gdm 3
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Red Hat
gdm: lock screen bypass when autologin is set
vendor_redhat·2020-12-11·CVSS 4.1
CVE-2020-27837 [MEDIUM] CWE-362 gdm: lock screen bypass when autologin is set
gdm: lock screen bypass when autologin is set
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
Package: gdm (Red Hat Enterprise Linux 6) - Out of support scope
Package: gdm (Red Hat Enterprise Linux 7) - Out of support scope
Package: gdm (Red Hat En
Debian
CVE-2020-27837: gdm3 - A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the h...
vendor_debian·2020·CVSS 4.1
CVE-2020-27837 [MEDIUM] CVE-2020-27837: gdm3 - A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the h...
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
Scope: local
bookworm: resolved (fixed in 3.38.2.1-1)
bullseye: resolved (fixed in 3.38.2.1-1)
forky: resolved (fixed in 3.38.2.1-1)
sid: resolved (fixed in 3.38.2.1-1)
trixie: resolved (fixed in 3.38.2.1-1)
Red Hat
gdm: lock screen can be circumvented when autologin is set
vendor_redhat·2017-06-14·CVSS 4.1
CVE-2017-12164 [MEDIUM] CWE-287 gdm: lock screen can be circumvented when autologin is set
gdm: lock screen can be circumvented when autologin is set
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
A flaw was discovered in the gdm where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enable for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Package: gdm (Red Hat Enterprise Linux 5) - Not affected
Package: gdm (Red Hat Enterprise Linux 6) - Not affected
Package: gdm (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2017-12164: gdm3 - A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ...
vendor_debian·2017·CVSS 4.1
CVE-2017-12164 [MEDIUM] CVE-2017-12164: gdm3 - A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ...
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.
Scope: local
bookworm: resolved (fixed in 3.26.0-1)
bullseye: resolved (fixed in 3.26.0-1)
forky: resolved (fixed in 3.26.0-1)
sid: resolved (fixed in 3.26.0-1)
trixie: resolved (fixed in 3.26.0-1)
No detection rules found.
No public exploits indexed.
2018-07-26
Published