CVE-2020-16125
published 2020-11-10CVE-2020-16125: gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu…
PriorityP425medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
EPSS
1.11%
61.8th percentile
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdm3 | < gdm3 3.38.2-1 (bookworm) | gdm3 3.38.2-1 (bookworm) |
| gnome | gdm3 | >= 0 < 3.38.2-1 | 3.38.2-1 |
| gnome | gdm3 | >= 0 < 3.38.2-1 | 3.38.2-1 |
| gnome | gdm3 | >= 0 < 3.38.2-1 | 3.38.2-1 |
| gnome | gdm3 | >= 0 < 3.38.2-1 | 3.38.2-1 |
| gnome | gdm3 | >= 3.36 < 3.36.4 | 3.36.4 |
| gnome | gdm3 | >= 3.38 < 3.38.2 | 3.38.2 |
| gnome | gnome_display_manager | < 3.36.2 | 3.36.2 |
| gnome | gnome_display_manager | >= 3.38.0 < 3.38.2 | 3.38.2 |
CVSS provenance
nvdv3.16.8MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian7.2HIGH
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pc8h-hq5p-vf38: gdm3 versions before 3
ghsa_unreviewed·2022-05-24
CVE-2020-16125 [MEDIUM] CWE-754 GHSA-pc8h-hq5p-vf38: gdm3 versions before 3
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
OSV
CVE-2020-16125: gdm3 versions before 3
osv·2020-11-10·CVSS 6.8
CVE-2020-16125 [MEDIUM] CVE-2020-16125: gdm3 versions before 3
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Red Hat
gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges
vendor_redhat·2020-11-10·CVSS 7.2
CVE-2020-16125 [HIGH] CWE-636 gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges
gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
A vulnerability was found in GDM. If gdm can't contact the AccountService service via DBus in a timely manner it would default to assume there are no existing users and would allow the attacker to create a new user with high privileges.
Package: gdm (Red Hat Enterprise Linux 5) - Out of support scope
Package: gdm (Red Hat Enterprise Linux 6) - Out of support sco
Ubuntu
GDM vulnerability
vendor_ubuntu·2020-11-03
CVE-2020-16125 GDM vulnerability
Title: GDM vulnerability
Summary: GDM could be made to create privileged users.
Kevin Backhouse discovered that GDM incorrectly launched the initial setup
tool when the accountsservice daemon was not reachable. A local attacker
able to cause accountsservice to crash or stop responding could trick GDM
into launching the initial setup tool and create a privileged user.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Debian
CVE-2020-16125: gdm3 - gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 ca...
vendor_debian·2020·CVSS 7.2
CVE-2020-16125 [HIGH] CVE-2020-16125: gdm3 - gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 ca...
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Scope: local
bookworm: resolved (fixed in 3.38.2-1)
bullseye: resolved (fixed in 3.38.2-1)
forky: resolved (fixed in 3.38.2-1)
sid: resolved (fixed in 3.38.2-1)
trixie: resolved (fixed in 3.38.2-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314https://gitlab.gnome.org/GNOME/gdm/-/issues/642https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemonhttps://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314https://gitlab.gnome.org/GNOME/gdm/-/issues/642https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon
2020-11-10
Published