Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-28049

A local privilege escalation has been discovered in the sddm display manager < 0.19.0. If the auth file is empty, X allows any local application (= any user on the system) to connect. This is currently the case until X wrote the display number to sddm and sddm used that to write the entry into the file.

Source

Severity Medium

Remote No

Type Privilege escalation

Description

A local privilege escalation has been discovered in the sddm display manager < 0.19.0. If the auth file is empty, X allows any local application (= any user on the system) to connect. This is currently the case until X wrote the display number to sddm and sddm used that to write the entry into the file.

AVG-1266 sddm 0.18.1-3 0.19.0-1 Medium Fixed

10 Nov 2020 ASA-202011-8 AVG-1266 sddm Medium privilege escalation

https://www.openwall.com/lists/oss-security/2020/11/04/2
https://github.com/sddm/sddm/commit/be202f533ab98a684c6a007e8d5b4357846bc222

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect