In LightDM up to and including 1.22.0, a directory traversal issue in debian/guest-account.sh allows local malicious users to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lightdm project lightdm |
||
canonical ubuntu linux 16.10 |
||
canonical ubuntu linux 16.04 |