Upstream information
Description
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
SUSE Bugzilla entry: 708205 [RESOLVED / FIXED] No SUSE Security Announcements cross referenced.List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Leap 15.0 |
| Patchnames: openSUSE Leap 15.0 GA liblightdm-gobject-1-0-1.24.1-lp150.1.1 |
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA liblightdm-gobject-1-0-1.21.1-1.1 |
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 19:15:45 2013CVE page last modified: Fri Oct 7 12:46:08 2022