Information Leak in gdm3 Before Screen Lock by the Vendor
CVE-2016-1000002

2.4LOW

Key Information:

Vendor
Gnome
Status
Gnome Display Manager
Vendor
CVE Published:
5 November 2019

Summary

The gdm3 version 3.14.2 and potentially later releases contain a flaw that allows for information leakage before the screen is locked. This issue could be exploited by malicious users to access sensitive information that should be protected during the lock screen state. Proper mitigation and awareness of this vulnerability are essential for maintaining system security and user privacy.

References

https://raw.githubusercontent.com/distributedweaknessfili...
x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2016-1000002
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002
x_refsource_MISC

CVSS V3.1

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-1000002 : Information Leak in gdm3 Before Screen Lock by the Vendor | SecurityVulnerability.io