CVE-2017-8900

Published: May 12, 2017Modified: May 13, 2026

4.6

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

Affected (1)

Products: Lightdm Project: Lightdm

Lightdm Project

1 product

Lightdm

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Lightdm Project Lightdm	Up to 1.22.0

Running on/with	Platform Versions
Canonical Ubuntu Linux	Version 16.10
Canonical Ubuntu Linux	Version 17.04

References (8)

http://www.securityfocus.com/bid/98554

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://launchpad.net/bugs/1663157

Source: cve@mitre.org

Issue TrackingPatchVendor Advisory

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-8900.html

Source: cve@mitre.org

PatchVendor Advisory

https://www.ubuntu.com/usn/usn-3285-1/

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/98554

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://launchpad.net/bugs/1663157

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchVendor Advisory

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-8900.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.ubuntu.com/usn/usn-3285-1/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.