Vulnerability CVE-2020-16125

Vulnerability Name:

CVE-2020-16125 (CCN-191381)

Assigned:

2020-10-17

Published:

2020-10-17

Updated:

2020-11-24

Summary:

gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.

CVSS v3 Severity:

6.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
5.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Physical Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.4 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
5.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Physical Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-754
CWE-636

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2020-16125

Source: MISC
Type: Third Party Advisory
https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314

Source: XF
Type: UNKNOWN
gnome-cve202016125-priv-esc(191381)

Source: CCN
Type: GNOME GIT Repository
gdm3 privilege escalation due to unresponsive accounts-daemon (GHSL-2020-202)

Source: MISC
Type: Exploit, Vendor Advisory
https://gitlab.gnome.org/GNOME/gdm/-/issues/642

Source: MISC
Type: Exploit, Third Party Advisory
https://securitylab.github.com/advisories/GHSL-2020-202-gdm3-LPE-unresponsive-accounts-daemon

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnome:gnome_display_manager:*:*:*:*:*:*:*:* (Version < 3.36.2)

OR cpe:/a:gnome:gnome_display_manager:*:*:*:*:*:*:*:* (Version >= 3.38.0 and < 3.38.2)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:202016125	V	CVE-2020-16125	2023-06-22
oval:org.opensuse.security:def:7892	P	gdm-41.3-150400.4.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:5334	P	Security update for postgresql13 (Important)	2022-08-26
oval:org.opensuse.security:def:3391	P	unzip-6.00-33.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3274	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3412	P	yast2-core-3.3.1-1.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3414	P	yubikey-manager-0.6.0-1.27 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3361	P	sane-backends-1.0.24-3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3415	P	zoo-2.10-1020.56 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3400	P	xdg-utils-20140630-6.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3418	P	DirectFB-1.7.1-6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94751	P	log4j12-1.2.17-4.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94904	P	gdm-41.3-150400.2.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95120	P	libmariadb-devel-3.1.13-3.30.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2911	P	dstat-0.7.3-2.16 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2921	P	flac-devel-1.3.2-3.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1660	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:101833	P	Security update for go1.16 (Important)	2022-04-12
oval:org.opensuse.security:def:112282	P	gdm-41.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:70578	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:64819	P	Security update for xen (Moderate)	2021-12-07
oval:org.opensuse.security:def:67330	P	Security update for netcdf (Important)	2021-11-30
oval:org.opensuse.security:def:73900	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:70484	P	Security update for webkit2gtk3 (Important)	2021-10-04
oval:org.opensuse.security:def:105807	P	gdm-41.0-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:96756	P	python3-numpy-1.14.0-4.5.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96630	P	libcroco-0.6.12-2.38 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:73698	P	Security update for libcroco (Moderate)	2021-09-16
oval:org.opensuse.security:def:64575	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:67235	P	Security update for systemd (Moderate)	2021-08-23
oval:org.opensuse.security:def:2242	P	grub2-x86_64-xen-2.04-20.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2266	P	libwsman-devel-2.6.7-3.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2273	P	ovmf-202008-8.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2261	P	libspice-server-devel-0.14.3-1.48 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2271	P	openslp-server-2.0.0-6.15.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:72468	P	gdm-3.34.1-8.15.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62749	P	gdm-3.34.1-8.15.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101155	P	gdm-3.34.1-8.15.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101464	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:64712	P	Security update for libjpeg-turbo (Moderate)	2021-06-11
oval:org.opensuse.security:def:64711	P	Security update for salt (Important)	2021-06-10
oval:org.opensuse.security:def:67128	P	Security update for slurm_18_08 (Important)	2021-06-04
oval:org.opensuse.security:def:73819	P	Security update for python-httplib2 (Moderate)	2021-05-31
oval:com.redhat.rhsa:def:20211586	P	RHSA-2021:1586: GNOME security, bug fix, and enhancement update (Moderate)	2021-05-18
oval:org.opensuse.security:def:70376	P	Security update for umoci (Important)	2021-04-09
oval:org.opensuse.security:def:67033	P	Security update for python3 (Moderate)	2021-02-19
oval:org.opensuse.security:def:49460	P	Security update for php74 (Important)	2021-02-19
oval:org.opensuse.security:def:51163	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:4069	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:110373	P	Security update for gdm (Important)	2020-12-15
oval:org.opensuse.security:def:65136	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:104785	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:74204	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:66423	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:4047	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:75491	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:90591	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:97556	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:104246	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:91130	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:98095	P	Security update for gdm (Important)	2020-12-14
oval:org.opensuse.security:def:51089	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:86466	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:32821	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:82064	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:25970	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:57382	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:51081	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:89094	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:84530	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:31082	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:23093	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:59697	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:125498	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:55122	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:87285	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:33616	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:82506	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:28857	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:57825	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:51467	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:89352	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:85546	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:31559	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:23479	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:60146	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:126670	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:55770	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:88078	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:33874	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:83154	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:29299	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:58644	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:4957	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:51853	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:86023	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:32002	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:81019	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:4056	P	libsrtp-devel-1.5.2-3.2.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:23865	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:127067	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:56905	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:88387	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:34323	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:84075	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:29947	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:21348	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:59439	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:54680	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:64921	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50916	P	Security update for zstd (Moderate)	2020-12-01
oval:org.opensuse.security:def:51294	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:50018	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64978	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:51356	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:50579	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:65090	P	Security update for python-setuptools (Important)	2020-12-01
oval:org.opensuse.security:def:74021	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:49693	P	libsmi-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52439	P	Security update for slurm_18_08 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49849	P	ncurses-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52501	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:49914	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70686	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:50823	P	Security update for conmon, fuse-overlayfs, libcontainers-common, podman (Moderate)	2020-12-01
oval:org.opensuse.security:def:75032	P	Security update for postgresql, postgresql96, postgresql10, postgresql12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49945	P	dpdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50990	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:49782	P	dpkg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:75165	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:51057	P	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Moderate)	2020-12-01
oval:org.opensuse.security:def:110860	P	Security update for gdm (Important)	2020-11-18
oval:org.opensuse.security:def:108130	P	Security update for gdm (Important)	2020-11-16
oval:org.opensuse.security:def:108499	P	Security update for gdm (Important)	2020-11-16
oval:org.opensuse.security:def:75729	P	Security update for gdm (Important)	2020-11-16
oval:org.opensuse.security:def:117644	P	Security update for gdm (Important)	2020-11-16

BACK