CVE-2017-8900

Metadata

low
2.1
lightdm
CVE-2017-8900
cve.mitre.org, ubuntu.com, launchpad.net
2017-05-11
2017-06-19 13:03
CVE-2017-8900 lightdm
2017-06-16 18:42
2017-06-15 02:36
2017-05-18 04:04
2017-05-12 02:03
2017-05-12 01:03

Description

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
devel lightdm 1.22.0-0ubuntu4
yakkety lightdm 1.19.5-0ubuntu1.2
zesty lightdm 1.22.0-0ubuntu2.1

Unaffected

Release Package Reason
precise/esm lightdm DNE
trusty lightdm not-affected
vivid/stable-phone-overlay lightdm not-affected
vivid/ubuntu-core lightdm DNE
xenial lightdm not-affected

Needs Triage

Release Package Reason
upstream lightdm needs-triage