Vulnerability Name: CVE-2019-3825 (CCN-157417)

Assigned: 2019-02-06
Published: 2019-02-06
Updated: 2019-10-09
Summary: A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
CVSS v3 Severity: 6.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
5.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Physical
  Attack Complexity (AC): High
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): High
  Integrity (I): High
  Availability (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): Low
  Availability (A): None

6.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
5.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Physical
  Attack Complexity (AC): High
  Privileges Required (PR): None
  User Interaction (UI): Required
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): High
  Integrity (I): High
  Availability (A): High

CVSS v2 Severity: 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:
  Access Vector (AV): Local
  Access Complexity (AC): Medium
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): Complete
  Integrity (I): Complete
  Availability (A): Complete

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): Partial
  Availability (A): None

Vulnerability Type: CWE-287
Vulnerability Consequences: Bypass Security
References:

Source: MITRE
Type: CNA
CVE-2019-3825

Source: CCN
Type: Red Hat Bugzilla – Bug 1672825 (CVE-2019-3825) - CVE-2019-3825 gdm: lock screen bypass when timed login is enabled

Source: CONFIRM
Type: Exploit, Issue Tracking, Mitigation, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3825

Source: XF
Type: UNKNOWN
gdm-cve20193825-sec-bypass(157417)

Source: UBUNTU
Type: Third Party Advisory
USN-3892-1

Source: CCN
Type: gdm Web site
GNOME Display Manager

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:gnome:gnome_display_manager:*:*:*:*:*:*:*:* (Version < 3.31.4)

Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:gnome:gdm:*:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20193825 | V | CVE-2019-3825 | 2023-06-22
oval:org.opensuse.security:def:7892 | P | gdm-41.3-150400.4.6.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:740 | P | Security update for icu (Moderate) | 2022-09-07
oval:org.opensuse.security:def:3351 | P | radvd-1.9.7-2.12 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3363 | P | screen-4.0.4-23.3.3 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3274 | P | libusbmuxd4-1.0.10-2.3 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:94904 | P | gdm-41.3-150400.2.7 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:1076 | P | Security update for vim (Important) | 2022-06-16
oval:org.opensuse.security:def:1660 | P | Security update for libslirp (Important) | 2022-04-29
oval:org.opensuse.security:def:94015 | P | (Important) | 2022-04-12
oval:org.opensuse.security:def:100728 | P | (Moderate) | 2022-04-01
oval:org.opensuse.security:def:1432 | P | Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP3) (Important) | 2022-03-01
oval:org.opensuse.security:def:1188 | P | Security update for glibc (Important) | 2022-02-04
oval:org.opensuse.security:def:112281 | P | gdm-3.38.2-2.7 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:105806 | P | gdm-3.38.2-2.7 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:71227 | P | libXRes1-1.2.0-1.18 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:47397 | P | libpoppler-glib8-0.43.0-15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48260 | P | patch-2.7.5-8.5.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47262 | P | gdm-3.10.0.1-52.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47814 | P | libxml2-2-2.9.4-46.15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47261 | P | gdk-pixbuf-loader-rsvg-2.40.15-4.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47590 | P | davfs2-1.5.2-2.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48322 | P | tboot-20190704_1.9.10-1.7 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47276 | P | gstreamer-1.8.3-9.5 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47962 | P | bash-4.3-83.23.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:48176 | P | libpoppler-glib8-0.43.0-16.15.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:47722 | P | libipa_hbac0-1.16.1-2.8 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:2041 | P | python3-keystoneclient-4.0.0-9.4.5 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:2039 | P | python-azure-agent-2.2.49.2-3.20.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:62749 | P | gdm-3.34.1-8.15.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:101155 | P | gdm-3.34.1-8.15.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:72468 | P | gdm-3.34.1-8.15.1 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:67774 | P | Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important) | 2021-07-14
oval:org.opensuse.security:def:1544 | P | Security update for the Linux Kernel (Important) | 2021-06-29
oval:org.opensuse.security:def:48573 | P | libzip2-0.11.1-12.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48418 | P | freeradius-server-3.0.3-10.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48698 | P | libvirt-client-32bit-1.2.5-13.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48387 | P | coreutils-8.25-12.8 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48557 | P | libtasn1-3.7-11.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:71114 | P | ucode-intel-20180425-1.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48556 | P | libtag1-1.9.1-1.218 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48489 | P | libecpg6-9.4.9-14.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:48896 | P | colord-1.3.3-12.13 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:51179 | P | Security update for python (Moderate) | 2021-03-16
oval:org.opensuse.security:def:49463 | P | Security update for nodejs10 (Important) | 2021-03-02
oval:org.opensuse.security:def:51734 | P | Security update for java-1_7_1-ibm (Important) | 2021-02-18
oval:org.opensuse.security:def:69946 | P | Security update for python (Important) | 2021-02-09
oval:org.opensuse.security:def:64527 | P | Security update for permissions (Moderate) | 2021-01-22
oval:org.opensuse.security:def:49139 | P | Security update for slurm_20_02 (Important) | 2020-12-21
oval:org.opensuse.security:def:66695 | P | Security update for curl (Moderate) | 2020-12-09
oval:org.opensuse.security:def:62633 | P | gdm-3.34.1-6.19 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2094 | P | socat-1.7.3.2-4.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2067 | P | libapr-util1-dbd-mysql-1.6.1-2.41 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:72352 | P | gdm-3.34.1-6.19 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:49037 | P | libstaroffice-0_0-0-0.0.6-10.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2096 | P | squid-4.0.23-3.47 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:116952 | P | gdm-3.34.1-6.19 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2084 | P | openslp-server-2.0.0-4.13 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2059 | P | dovecot23-2.3.1-2.20 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:103526 | P | gdm-3.26.2.1-13.19.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2045 | P | clamsap-0.99.25-2.37 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:89871 | P | gdm-3.26.2.1-13.19.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2089 | P | rarpd-s20161105-6.10 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:62521 | P | gdm-3.26.2.1-13.19.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2061 | P | freeradius-server-3.0.16-1.41 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:107394 | P | gdm-3.34.1-6.19 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:72240 | P | gdm-3.26.2.1-13.19.2 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2050 | P | apache2-2.4.33-1.28 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:2703 | P | Security update for MozillaFirefox (Important) | 2020-12-02
oval:org.opensuse.security:def:2664 | P | Security update for ffmpeg (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2744 | P | Security update for gdm (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2622 | P | Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2644 | P | Security update for ImageMagick (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2711 | P | Security update for openexr (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2626 | P | Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Moderate) | 2020-12-02
oval:org.opensuse.security:def:64440 | P | Security update for python (Important) | 2020-12-02
oval:org.opensuse.security:def:2673 | P | Security update for libnettle (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2713 | P | Security update for python (Important) | 2020-12-02
oval:org.opensuse.security:def:2697 | P | Security update for netpbm (Moderate) | 2020-12-02
oval:org.opensuse.security:def:2658 | P | Security update for texlive (Important) | 2020-12-02
oval:org.opensuse.security:def:2734 | P | Security update for cups (Important) | 2020-12-02
oval:org.opensuse.security:def:2632 | P | Security update for cairo (Moderate) | 2020-12-02
oval:org.opensuse.security:def:49891 | P | ntp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49841 | P | kernel-docs on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49490 | P | spice-vdagent on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50354 | P | Security update for ghostscript (Important) | 2020-12-01
oval:org.opensuse.security:def:49516 | P | gdk-pixbuf-query-loaders-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50289 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49158 | P | libarchive-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50458 | P | Security update for openldap2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:67874 | P | gdm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50129 | P | jakarta-taglibs-standard on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49636 | P | gstreamer-plugins-base-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:51796 | P | Security update for gdm (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49605 | P | wavpack on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49575 | P | librsvg-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49131 | P | ldns-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49768 | P | ant on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:70051 | P | gdm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49285 | P | opie-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49517 | P | gdm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:66603 | P | python3-Jinja2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49737 | P | git on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50219 | P | bluez-cups on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73386 | P | gdm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49140 | P | libXcursor-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:51117 | P | Security update for gnutls (Important) | 2020-12-01
oval:org.opensuse.security:def:49734 | P | cups-ddk on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:73268 | P | openslp on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:50385 | P | Security update for libu2f-host (Low) | 2020-12-01
oval:org.opensuse.security:def:49672 | P | libjbig2-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:49629 | P | gdm on GA media (Moderate) | 2020-12-01
oval:com.redhat.rhsa:def:20201766 | P | RHSA-2020:1766: GNOME security, bug fix, and enhancement update (Moderate) | 2020-04-28
oval:com.ubuntu.disco:def:201938250000000 | V | CVE-2019-3825 on Ubuntu 19.04 (disco) - medium. | 2019-02-06
oval:com.ubuntu.bionic:def:20193825000 | V | CVE-2019-3825 on Ubuntu 18.04 LTS (bionic) - medium. | 2019-02-06
oval:com.ubuntu.cosmic:def:201938250000000 | V | CVE-2019-3825 on Ubuntu 18.10 (cosmic) - medium. | 2019-02-06
oval:com.ubuntu.cosmic:def:20193825000 | V | CVE-2019-3825 on Ubuntu 18.10 (cosmic) - medium. | 2019-02-06
oval:com.ubuntu.bionic:def:201938250000000 | V | CVE-2019-3825 on Ubuntu 18.04 LTS (bionic) - medium. | 2019-02-06
oval:com.ubuntu.xenial:def:20193825000 | V | CVE-2019-3825 on Ubuntu 16.04 LTS (xenial) - medium. | 2019-02-06
oval:com.ubuntu.xenial:def:201938250000000 | V | CVE-2019-3825 on Ubuntu 16.04 LTS (xenial) - medium. | 2019-02-06