Tobias Guggenmos

**Name of the Vulnerable Software and Affected Versions** gdm version 3.24.1 **Description** A flaw was discovered in gdm where the gdm greeter was no longer setting the ran once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen. **Recommendations** For gdm version 3.24.1, update to a version where the gdm greeter correctly sets the ran once boolean during autologin to prevent attackers from unlocking screens by selecting 'login as another user'.