Lucene search
GoogleOSV:CVE-2020-27837HistoryDec 28, 2020 - 7:15 p.m.
CVE-2020-27837
2020-12-2819:15:13
Google
osv.dev
2
A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar to CVE-2017-12164, but requires more difficult conditions to exploit.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gdm | eq | 3.7.91 | |
| gdm | eq | 3.15.92 | |
| gdm | eq | 3.7.3.1 | |
| gdm | eq | GDM2_2_15_8 | |
| gdm | eq | GDM2_2_18_0 | |
| gdm | eq | GDM2_2_13_0_6 | |
| gdm | eq | 3.4.0.1 | |
| gdm | eq | GDM2_2_4_2_99 | |
| gdm | eq | GDM2_2_13_0_10 | |
| gdm | eq | 3.9.90 |
Related
nvd
nvd
CVE-2020-27837
2020-12-28 19:15:13
CVE-2017-12164
2018-07-26 16:29:00
debiancve
debiancve
CVE-2020-27837
2020-12-28 19:15:13
CVE-2017-12164
2018-07-26 16:29:00
cvelist
cvelist
CVE-2020-27837
2020-12-28 18:34:04
CVE-2017-12164
2018-07-26 16:00:00
redhatcve
redhatcve
CVE-2020-27837
2020-12-16 14:58:33
CVE-2017-12164
2017-09-11 14:48:37
ubuntucve
ubuntucve
CVE-2020-27837
2020-12-28 00:00:00
CVE-2017-12164
2018-07-26 00:00:00
prion
prion
Race condition
2020-12-28 19:15:00
Design/Logic Flaw
2018-07-26 16:29:00
cve
cve
CVE-2020-27837
2020-12-28 19:15:13
CVE-2017-12164
2018-07-26 16:29:00
nessus
nessus
RHEL 6 : gdm (Unpatched Vulnerability)
2024-05-11 00:00:00
Fedora 33 : 1:gdm (2020-1650d8012f)
2020-12-22 00:00:00
RHEL 7 : gdm (Unpatched Vulnerability)
2024-05-11 00:00:00
osv
osv
CVE-2017-12164
2018-07-26 16:29:00
fedora
fedora
[SECURITY] Fedora 26 Update: gdm-3.24.3-1.fc26
2017-09-15 22:26:03
[SECURITY] Fedora 33 Update: gdm-3.38.2.1-1.fc33
2020-12-22 01:30:19
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0056)
2022-01-28 00:00:00
Fedora Update for gdm FEDORA-2017-e7ae1ed967
2017-09-16 00:00:00
Fedora: Security Advisory for gdm (FEDORA-2020-1650d8012f)
2020-12-22 00:00:00
mageia
mageia
Updated gdm packages fix security vulnerability
2018-01-03 21:52:52
veracode
veracode
Authentication Bypass
2020-12-22 20:09:40