CVE-2020-16125

EUVD-2020-8091
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
PHYSICAL
LOW
LOW
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
canonicalCNA
7.2 HIGH
PHYSICAL
LOW
LOW
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
gnomegnome_display_manager
𝑥
< 3.36.2
gnomegnome_display_manager
3.38.0 ≤
𝑥
< 3.38.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gdm3
bookworm
43.0-3
fixed
bullseye
3.38.2.1-1
fixed
buster
no-dsa
sid
47.0-3
fixed
trixie
47.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gdm3
bionic
Fixed 3.28.3-0ubuntu18.04.6
released
focal
Fixed 3.36.3-0ubuntu0.20.04.2
released
groovy
Fixed 3.38.1-2ubuntu1.1
released
hirsute
Fixed 3.38.1-2ubuntu1.1
released
impish
Fixed 3.38.1-2ubuntu1.1
released
jammy
Fixed 3.38.1-2ubuntu1.1
released
kinetic
Fixed 3.38.1-2ubuntu1.1
released
lunar
Fixed 3.38.1-2ubuntu1.1
released
mantic
Fixed 3.38.1-2ubuntu1.1
released
noble
Fixed 3.38.1-2ubuntu1.1
released
trusty
dne
xenial
needed
Common Weakness Enumeration
References
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314
https://gitlab.gnome.org/GNOME/gdm/-/issues/642
https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314
https://gitlab.gnome.org/GNOME/gdm/-/issues/642
https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon