Burghard Britzke

**Name of the Vulnerable Software and Affected Versions** gdm versions prior to 3.31.4 **Description** A vulnerability was discovered in gdm that allows an attacker to bypass the lock screen when timed login is enabled. By selecting the timed login user and waiting for the timer to expire, an attacker could gain access to the logged-in user's session. The issue is related to insufficient authentication in the Gnome Display Manager, which could allow an attacker to obtain unauthorized access to protected information. **Recommendations** For gdm versions prior to 3.31.4, update to version 3.31.4 or later to resolve the issue. As a temporary workaround, consider disabling the timed login feature until a patch is available. Restrict access to the lock screen to minimize the risk of exploitation. Avoid using the timed login user selection feature in the affected gdm versions until the issue is resolved.