#VU36816 Improper Initialization in GNOME Display Manager - CVE-2017-12164

Cybersecurity Help s.r.o.

Published: 2018-07-26 | Updated: 2020-08-08

Vulnerability identifier: #VU36816

Vulnerability risk: Medium

CVSSv4.0: 2 [CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-12164

CWE-ID: CWE-665

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
GNOME Display Manager
Client/Desktop applications / Other client software

Vendor: Gnome Development Team

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GNOME Display Manager: 3.24.1

External links
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12164
https://gitlab.gnome.org/GNOME/gdm/commit/ff98b28

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper Initialization in GNOME Display Manager

Fedora 26 update for gdm