sddm project sddm vulnerabilities and exploits

(subscribe to this query)

3.3

CVSSv2

An issue exists in SDDM prior to 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display ...

Sddm Project Sddm Opensuse Leap 15.1 Opensuse Leap 15.2 Debian Debian Linux 9.0 Debian Debian Linux 10.0 Fedoraproject Fedora 33

6

CVSSv2

An issue exists in SDDM up to and including 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display...

Sddm Project Sddm

7.2

CVSSv2

Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race cond...

Sddm Project Sddm Fedoraproject Fedora 20 Fedoraproject Fedora 21

4.6

CVSSv2

Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to log in as user "sddm" without authentication.

Sddm Project Sddm Fedoraproject Fedora 20 Fedoraproject Fedora 21

4.6

CVSSv2

daemon/Greeter.cpp in sddm prior to 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.

Fedoraproject Fedora 22 Sddm Project Sddm

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook