Privilege escalation using vulnerabilities in gdm3 and accountsservice (GHSL-2020-187, GHSL-2020-188, GHSL-2020-202)

Thanks for reporting the GDM issue. Unfortunately, we are unable to access the private GNOME bug listed above. Are there any details about the GDM issue you could share?

Sorry, I should have attached the gdm3 report. Here you go.

Oh, that is quite a bad default, nice find!

Hello Kevin, nice discovery. Please use CVE-2020-16125 for GHSL-2020-202.

Thanks

Hi Seth,

Does CVE-2020-16125 apply to the gdm3 bug in general, or just Ubuntu?

There has been no response yet to the bug report that I submitted to GNOME (https://gitlab.gnome.org/GNOME/gdm/-/issues/642).

Thanks,

Kev

It applies to the gdm3 bug in general. Please add it to the upstream bug report. Let us know if you already had a CVE assigned.

Thanks! I have added a comment to the GNOME issue with the CVE number.

Hi! Have you heard back from the gdm3 developers? I have updates for accountsservice ready, but ideally would like to publish them at the same time as the gdm3 updates.

No, there has been no response from GNOME. It seems like nobody has even looked at https://gitlab.gnome.org/GNOME/gdm/-/issues/642

I am going to try sending an email to <email address hidden>.

I got an immediate response to my email to <email address hidden>. They're looking into it now. I'll let them know that you have a fix for accountsservice ready and would like to coordinate the disclosure with them.

So it looks like there's a gdm3 fix available now. While the gdm3 fix is available, I would like the details of the issue to remain private until 2020-11-03 so I can prepare updates and properly test them since accountsservice is specifically mentioned in your gdm3 advisory.

Is 2020-11-03 ok with you?

Thanks! 2020-11-03 is great.

This is fixed https://ubuntu.com/security/notices/USN-4614-1