A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.

Published : 2018-07-26 16:29 Updated : 2019-10-09 23:22

CVSS Score More info
Score 6.9 / 10
Vendor Product Version URI
Gnome Gnome Display Manager 3.24.1 cpe:/a:gnome:gnome_display_manager:3.24.1
  1. Gnome (1) Search CVE
    1. Gnome Display Manager (1) Search CVE
      1. 3.24.1


ID Name Description Links
CWE-665 Improper Initialization The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. CVE

History of changes

Date Event
2019-10-03 00:03
2018-09-21 17:51
2018-07-26 16:29