CVE-2017-12164

Description

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.

Affected packages (1)

• Debian/gdm3from 0, < 3.26.0-1

CVSS scores

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2017-12164