In pam/gkr-pam-module.c in GNOME Keyring prior to 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome gnome keyring |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 16.04 |
||
oracle zfs storage appliance kit 8.8 |