In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/2478
We are not affected as this CVE is ubuntu-specific. The affected file (debian/guest-account.sh) is not shipped with the Arch Linux lightdm package.