CVE-2020-27837

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-27837
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-27837.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-27837
Related
Published
2020-12-28T19:15:13Z
Modified
2024-10-25T23:49:48.729723Z
Severity
  • 6.4 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.

References

Affected packages

Debian:11 / gdm3

Package

Name
gdm3
Purl
pkg:deb/debian/gdm3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.38.2.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / gdm3

Package

Name
gdm3
Purl
pkg:deb/debian/gdm3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.38.2.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / gdm3

Package

Name
gdm3
Purl
pkg:deb/debian/gdm3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.38.2.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.gnome.org/GNOME/gdm

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/gdm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

2.*

2.27.4
2.5.4.2

3.*

3.0.0
3.1.2
3.1.90
3.1.91
3.1.92
3.10.0
3.10.0.1
3.11.2
3.11.3
3.11.4
3.11.90
3.11.92
3.11.92.1
3.12.0
3.12.1
3.12.2
3.13.91
3.13.92
3.14.0
3.14.1
3.15.2
3.15.3
3.15.3.1
3.15.90
3.15.90.1
3.15.90.2
3.15.90.3
3.15.90.4
3.15.90.5
3.15.91
3.15.91.1
3.15.91.2
3.15.92
3.16.0
3.16.0.1
3.16.1
3.16.1.1
3.17.2
3.17.3
3.17.3.1
3.17.4
3.17.90
3.17.92
3.18.0
3.19.2
3.19.4
3.19.4.1
3.19.90
3.19.91
3.19.92
3.20.0
3.20.1
3.21.2
3.21.3
3.21.4
3.21.90
3.21.91
3.22.0
3.22.1
3.23.4
3.23.91
3.23.91.1
3.23.92
3.24.0
3.24.1
3.25.3
3.25.4
3.25.4.1
3.25.90
3.25.92
3.26.0
3.26.1
3.27.3
3.27.4
3.27.90
3.27.91
3.27.92
3.28.0
3.29.1
3.29.90
3.29.91
3.29.92
3.3.92
3.3.92.1
3.30.0
3.30.1
3.30.2
3.31.4
3.31.91
3.32.0
3.33.4
3.33.90
3.33.92
3.34.0
3.34.1
3.37.1
3.37.3
3.37.90
3.38.0
3.38.1
3.38.2
3.4.0
3.4.0.1
3.4.1
3.5.2
3.5.4
3.5.4.1
3.5.4.2
3.5.5
3.5.90
3.5.91
3.5.92
3.5.92.1
3.6.0
3.7.2
3.7.3
3.7.3.1
3.7.5
3.7.90
3.7.91
3.8.0
3.8.1
3.8.1.1
3.8.3
3.9.5
3.9.90
3.9.92

Other

GDM2_2_13_0_0
GDM2_2_13_0_1
GDM2_2_13_0_10
GDM2_2_13_0_2
GDM2_2_13_0_3
GDM2_2_13_0_4
GDM2_2_13_0_5
GDM2_2_13_0_6
GDM2_2_13_0_7
GDM2_2_13_0_8
GDM2_2_13_0_9
GDM2_2_14_0
GDM2_2_14_1
GDM2_2_14_2
GDM2_2_14_3
GDM2_2_14_4
GDM2_2_15_0
GDM2_2_15_1
GDM2_2_15_10
GDM2_2_15_2
GDM2_2_15_3
GDM2_2_15_4
GDM2_2_15_5
GDM2_2_15_6
GDM2_2_15_7
GDM2_2_15_8
GDM2_2_15_9
GDM2_2_16_0
GDM2_2_17_0
GDM2_2_17_1
GDM2_2_17_2
GDM2_2_17_3
GDM2_2_17_4
GDM2_2_17_5
GDM2_2_17_6
GDM2_2_17_7
GDM2_2_17_8
GDM2_2_18_0
GDM2_2_2_1
GDM2_2_2_2_1
GDM2_2_4_0_11
GDM2_2_4_0_2
GDM2_2_4_0_3
GDM2_2_4_0_4
GDM2_2_4_0_5
GDM2_2_4_0_6
GDM2_2_4_0_7
GDM2_2_4_0_8
GDM2_2_4_0_9
GDM2_2_4_1_0
GDM2_2_4_1_1
GDM2_2_4_1_2
GDM2_2_4_1_3
GDM2_2_4_2_100
GDM2_2_4_2_101
GDM2_2_4_2_102
GDM2_2_4_2_95
GDM2_2_4_2_96
GDM2_2_4_2_97
GDM2_2_4_2_98
GDM2_2_4_2_99
GDM2_2_4_4_0
GDM2_2_4_4_1
GDM2_2_4_4_2
GDM2_2_4_4_3
GDM2_2_4_4_5
GDM2_2_5_90_0
GDM2_2_5_90_1
GDM2_2_5_90_2
GDM2_2_6_0_0
GDM2_2_6_0_1
GDM2_2_6_0_2
GDM2_2_6_0_3
GDM2_2_6_0_4
GDM2_2_6_0_5
GDM2_2_6_0_6
GDM2_2_6_0_7
GDM2_2_6_0_8
GDM2_2_8_0_0
GDM2_2_8_0_1
GDM2_4_4_4
GDM_2_0
GDM_2_21_1
GDM_2_21_2
GDM_2_21_4
GDM_2_21_5
GDM_2_21_6
GDM_2_21_7
GDM_2_21_8
GDM_2_21_9
GDM_2_22_0
GDM_2_23_2
GDM_2_23_90
GDM_2_23_92
GDM_2_24_0
GDM_2_25_1
GDM_2_25_2
GDM_2_25_92
GDM_2_26_0
GDM_2_26_1
GDM_2_27_90
GDM_2_28_0
GDM_2_28_1
GDM_2_28_92
GDM_2_29_0
GDM_2_29_1
GDM_2_29_4
GDM_2_29_5
GDM_2_29_6
GDM_2_29_92
GDM_2_2_3
GDM_2_2_3_2
GDM_2_2_4_2
GDM_2_2_4_3
GDM_2_2_5_1
GDM_2_2_ANCHOR
GDM_2_30_0
GDM_2_30_1
GDM_2_31_0
GDM_2_31_1
GDM_2_31_2
GDM_2_31_90
GDM_2_31_92
GDM_2_32_0
GDM_2_3_90_1
GDM_2_3_90_2
GDM_2_3_90_3
GDM_2_3_90_4
GDM_2_3_90_5
GDM_2_3_90_6
GDM_2_4_0_0
GDM_2_4_0_1
GDM_2_91_4
GDM_2_91_6
GDM_2_91_90
GDM_2_91_92
GDM_2_91_93
GDM_2_91_94
GNOME_PRINT_0_24
POST_SWITCH_TO_GOBJECT_BRANCH
STABLE
gdm2