CVE-2020-27837
N/A
N/A
Summary
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | gdm | prior to 3.38.2.1 | affected |
Weaknesses
- CWE-362: CWE-362
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.