PT-2017-18610 · Red Hat+1 · Systemd+3
Tyler Hicks
·
Published
2017-05-12
·
Updated
2019-10-03
·
CVE-2017-8900
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
LightDM versions prior to 1.22.0
Description
The issue allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session, specifically when systemd is used in Ubuntu 16.10 and 17.x.
Recommendations
For LightDM versions prior to 1.22.0, update to version 1.22.0 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apparmor
Lightdm
Ubuntu
Systemd