Security Advisory

CVE-2020-16127

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-11 04:10:15

Last updated 2024-09-16 17:58:49

Assigner canonical

State PUBLISHED

Description

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location.

← Browse all CVEs View on cve.org ↗