CVE-2020-16125

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
PHYSICAL
LOW
LOW
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
gnomegnome_display_manager
𝑥
< 3.36.2
gnomegnome_display_manager
3.38.0 ≤
𝑥
< 3.38.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gdm3
bookworm
43.0-3
fixed
bullseye
3.38.2.1-1
fixed
buster
no-dsa
sid
47.0-3
fixed
trixie
47.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gdm3
bionic
Fixed 3.28.3-0ubuntu18.04.6
released
focal
Fixed 3.36.3-0ubuntu0.20.04.2
released
groovy
Fixed 3.38.1-2ubuntu1.1
released
hirsute
Fixed 3.38.1-2ubuntu1.1
released
impish
Fixed 3.38.1-2ubuntu1.1
released
jammy
Fixed 3.38.1-2ubuntu1.1
released
kinetic
Fixed 3.38.1-2ubuntu1.1
released
lunar
Fixed 3.38.1-2ubuntu1.1
released
mantic
Fixed 3.38.1-2ubuntu1.1
released
noble
Fixed 3.38.1-2ubuntu1.1
released
trusty
dne
xenial
needed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gdm
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
gdm-devel
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
gdm-lang
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
gdm-schema
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
gdm-systemd
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
gdmflexiserver
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
libgdm1
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
typelib-1_0-Gdm-1_0
suse enterprise desktop 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise desktop 15 SP2
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP3
3.34.1-8.9.1
fixed
suse enterprise desktop 15 SP4
41.3-150400.2.7
fixed
suse enterprise desktop 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise desktop 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise desktop 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise sap 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise sap 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise sap 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise sap 15 SP2
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP3
3.34.1-8.9.1
fixed
suse enterprise sap 15 SP4
41.3-150400.2.7
fixed
suse enterprise sap 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise sap 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise sap 15 SP7
45.0.1-150700.10.7
fixed
suse enterprise server 12 SP2
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP3
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP4
3.10.0.1-54.17.2
fixed
suse enterprise server 12 SP5
3.10.0.1-54.17.2
fixed
suse enterprise server 15 SP1
3.26.2.1-13.39.2
fixed
suse enterprise server 15 SP2
3.34.1-8.9.1
fixed
suse enterprise server 15 SP3
3.34.1-8.9.1
fixed
suse enterprise server 15 SP4
41.3-150400.2.7
fixed
suse enterprise server 15 SP5
41.3-150400.4.6.1
fixed
suse enterprise server 15 SP6
45.0.1-150600.4.3
fixed
suse enterprise server 15 SP7
45.0.1-150700.10.7
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
gdm
RHEL 8
1:3.28.3-39.el8
fixed
glib2
RHEL 8
0:2.56.4-9.el8
fixed
glib2-devel
RHEL 8
0:2.56.4-9.el8
fixed
glib2-doc
RHEL 8
0:2.56.4-9.el8
fixed
glib2-fam
RHEL 8
0:2.56.4-9.el8
fixed
glib2-static
RHEL 8
0:2.56.4-9.el8
fixed
glib2-tests
RHEL 8
0:2.56.4-9.el8
fixed
webkit2gtk3
RHEL 8
0:2.30.4-1.el8
fixed
webkit2gtk3-devel
RHEL 8
0:2.30.4-1.el8
fixed
webkit2gtk3-jsc
RHEL 8
0:2.30.4-1.el8
fixed
webkit2gtk3-jsc-devel
RHEL 8
0:2.30.4-1.el8
fixed
Common Weakness Enumeration
References
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314
https://gitlab.gnome.org/GNOME/gdm/-/issues/642
https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314
https://gitlab.gnome.org/GNOME/gdm/-/issues/642
https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon