Search for packages
Package details: pkg:deb/debian/gdm3@3.30.2-3
purl pkg:deb/debian/gdm3@3.30.2-3
Next non-vulnerable version 3.38.2.1-1
Latest non-vulnerable version 3.38.2.1-1
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-3g4p-dnnv-aaap
Aliases:
CVE-2020-27837
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
3.38.2.1-1
Affected by 0 other vulnerabilities.
VCID-puky-1tyt-aaah
Aliases:
CVE-2020-16125
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
3.38.2.1-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-5czt-7amb-aaan The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution. CVE-2018-14424
VCID-z8hh-resj-aaaf A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session. CVE-2019-3825
VCID-zva4-hb6t-aaae A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen. CVE-2017-12164

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T02:49:28.062363+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T16:29:13.850295+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:18:19.208655+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:42:37.986419+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T08:34:44.526162+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 36.1.3
2025-06-21T07:02:18.567698+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 36.1.3
2025-06-21T05:12:45.245221+00:00 Debian Oval Importer Affected by VCID-puky-1tyt-aaah None 36.1.3
2025-06-21T01:33:33.716151+00:00 Debian Oval Importer Affected by VCID-3g4p-dnnv-aaap None 36.1.3
2025-06-21T00:06:16.457885+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan None 36.1.3
2025-06-21T00:02:56.086080+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae None 36.1.3
2025-06-20T22:21:34.020804+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf None 36.1.3
2025-06-20T22:17:10.526529+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 36.1.3
2025-06-08T12:17:13.258806+00:00 Debian Oval Importer Affected by VCID-3g4p-dnnv-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:15:06.088472+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:04:36.027628+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:36:50.836197+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T22:50:16.092739+00:00 Debian Oval Importer Affected by VCID-puky-1tyt-aaah None 36.1.0
2025-06-07T18:56:33.991281+00:00 Debian Oval Importer Affected by VCID-3g4p-dnnv-aaap None 36.1.0
2025-06-07T17:29:02.739838+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan None 36.1.0
2025-06-07T17:25:44.090956+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae None 36.1.0
2025-06-07T15:45:46.969625+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf None 36.1.0
2025-04-12T21:52:25.282352+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:29:29.994655+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:40:29.362651+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:03:38.586029+00:00 Debian Oval Importer Affected by VCID-puky-1tyt-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:03:01.911193+00:00 Debian Oval Importer Affected by VCID-3g4p-dnnv-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T07:47:06.776173+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:36:18.873726+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:09:12.616601+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T21:22:11.993473+00:00 Debian Oval Importer Affected by VCID-puky-1tyt-aaah None 36.0.0
2025-04-07T17:34:25.635576+00:00 Debian Oval Importer Affected by VCID-3g4p-dnnv-aaap None 36.0.0
2025-04-07T16:03:31.529216+00:00 Debian Oval Importer Fixing VCID-5czt-7amb-aaan None 36.0.0
2025-04-07T16:00:03.745261+00:00 Debian Oval Importer Fixing VCID-zva4-hb6t-aaae None 36.0.0
2025-04-07T14:16:30.633522+00:00 Debian Oval Importer Fixing VCID-z8hh-resj-aaaf None 36.0.0
2025-04-07T05:09:48.212179+00:00 Debian Importer Fixing VCID-z8hh-resj-aaaf None 36.0.0
2025-04-05T21:14:28.655610+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-05T05:50:44.842512+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 36.0.0
2025-04-05T04:18:21.961132+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 36.0.0
2025-04-04T00:55:37.536615+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 36.0.0
2025-02-19T15:58:12.623847+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-19T15:58:10.530459+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 35.1.0
2025-02-19T14:03:56.983883+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 35.1.0
2025-02-19T14:03:56.240756+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 35.1.0
2025-02-19T09:29:14.849088+00:00 Debian Importer Fixing VCID-z8hh-resj-aaaf None 35.1.0
2024-11-22T12:56:27.078633+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-22T12:56:25.053772+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 35.0.0
2024-11-22T11:15:48.697761+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 35.0.0
2024-11-22T11:15:47.979405+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 35.0.0
2024-11-20T09:50:22.961396+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.3.2
2024-11-20T09:50:22.241115+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.3.2
2024-10-09T12:29:30.418980+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-09T12:29:28.392100+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 34.0.2
2024-10-09T10:27:29.672906+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.0.2
2024-10-09T10:27:28.940672+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.0.2
2024-09-18T21:57:38.515547+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-18T21:57:36.491739+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 34.0.1
2024-09-18T20:30:37.429655+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.0.1
2024-09-18T20:30:36.583049+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.0.1
2024-04-24T19:29:08.464605+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T19:29:05.366226+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 34.0.0rc4
2024-04-24T18:25:04.550970+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T18:25:03.775001+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.0.0rc4
2024-04-24T15:56:20.891725+00:00 Debian Importer Fixing VCID-z8hh-resj-aaaf None 34.0.0rc4
2024-01-10T20:55:55.287625+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-10T20:55:48.704493+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 34.0.0rc2
2024-01-10T19:54:20.845413+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-10T19:54:20.036815+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.0.0rc2
2024-01-10T18:16:32.271155+00:00 Debian Importer Fixing VCID-z8hh-resj-aaaf None 34.0.0rc2
2024-01-04T10:14:11.023393+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T10:14:04.767059+00:00 Debian Importer Affected by VCID-3g4p-dnnv-aaap None 34.0.0rc1
2024-01-04T09:18:57.773028+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-04T09:18:56.952819+00:00 Debian Importer Affected by VCID-puky-1tyt-aaah None 34.0.0rc1
2024-01-04T07:47:45.195118+00:00 Debian Importer Fixing VCID-z8hh-resj-aaaf None 34.0.0rc1