LightDM is prone to a local directory-traversal vulnerability.
Exploiting this issue will allow an attacker to gain elevated privileges and perform unauthorized actions.
LightDM 1.22.0 and prior versions are vulnerable.
Information
Ubuntu Ubuntu Linux 16.04 LTS
freedesktop.org LightDM 1.17.2
freedesktop.org LightDM 1.16.6
freedesktop.org LightDM 1.16.5
freedesktop.org LightDM 1.16.4
freedesktop.org LightDM 1.16.3
freedesktop.org LightDM 1.16.2
freedesktop.org LightDM 1.16.1
freedesktop.org LightDM 1.16
freedesktop.org LightDM 1.14.4
freedesktop.org LightDM 1.14.3
freedesktop.org LightDM 1.14.2
freedesktop.org LightDM 1.14.1
freedesktop.org LightDM 1.14
freedesktop.org LightDM 1.8.4
freedesktop.org LightDM 1.8
freedesktop.org LightDM 1.7.14
freedesktop.org LightDM 1.7.13
freedesktop.org LightDM 1.6.2
freedesktop.org LightDM 1.6.1
freedesktop.org LightDM 1.4.3
freedesktop.org LightDM 1.4.2
freedesktop.org LightDM 1.22.0
freedesktop.org LightDM 1.0.9-1
freedesktop.org LightDM 1.0.6-3
freedesktop.org LightDM 1.0.6
freedesktop.org LightDM 1.0.5
freedesktop.org LightDM 1.0.4
References:
- [LightDM] Using debian/guest-account.sh (freedesktop)
- Bug Description lightdm (launchpad)
- Viewing all changes in revision 2478. (launchpad)