VulnerableCode Package Details - pkg:alpm/archlinux/gdm@3.38.2-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-3g4p-dnnv-aaap Aliases: CVE-2020-27837	A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.	3.38.2.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3g4p-dnnv-aaap
Aliases:
CVE-2020-27837

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.

3.38.2.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-puky-1tyt-aaah	gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.	CVE-2020-16125

Vulnerability

Summary

Aliases

VCID-puky-1tyt-aaah

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.

CVE-2020-16125

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:47:05.494799+00:00	Arch Linux Importer	Affected by	VCID-3g4p-dnnv-aaap	https://security.archlinux.org/AVG-1380	36.0.0
2025-03-28T07:45:48.209667+00:00	Arch Linux Importer	Fixing	VCID-puky-1tyt-aaah	https://security.archlinux.org/AVG-1264	36.0.0
2024-09-18T02:02:29.051418+00:00	Arch Linux Importer	Affected by	VCID-3g4p-dnnv-aaap	https://security.archlinux.org/AVG-1380	34.0.1
2024-09-18T02:00:49.841639+00:00	Arch Linux Importer	Fixing	VCID-puky-1tyt-aaah	https://security.archlinux.org/AVG-1264	34.0.1
2024-05-29T17:42:58.984188+00:00	Arch Linux Importer	Fixing	VCID-puky-1tyt-aaah	https://security.archlinux.org/AVG-1264	34.0.0rc4
2024-01-03T22:28:29.860537+00:00	Arch Linux Importer	Affected by	VCID-3g4p-dnnv-aaap	https://security.archlinux.org/AVG-1380	34.0.0rc1
2024-01-03T22:27:07.466912+00:00	Arch Linux Importer	Fixing	VCID-puky-1tyt-aaah	https://security.archlinux.org/AVG-1264	34.0.0rc1