Security Advisory

CVE-2020-16125

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-10 04:20:13
Last updated 2024-09-17 03:59:24
Assigner canonical
State PUBLISHED

Description

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 cant contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.