vulnerability
CentOS Linux: CVE-2019-3825: Moderate: GNOME security, bug fix, and enhancement update (CESA-2020:1766)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Feb 6, 2019 | Apr 29, 2020 | May 25, 2023 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Feb 6, 2019
Added
Apr 29, 2020
Modified
May 25, 2023
Description
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
Solutions
centos-upgrade-accountsservicecentos-upgrade-accountsservice-debuginfocentos-upgrade-accountsservice-debugsourcecentos-upgrade-accountsservice-libscentos-upgrade-accountsservice-libs-debuginfocentos-upgrade-appstream-datacentos-upgrade-baobabcentos-upgrade-baobab-debuginfocentos-upgrade-baobab-debugsourcecentos-upgrade-cluttercentos-upgrade-clutter-debuginfocentos-upgrade-clutter-debugsourcecentos-upgrade-clutter-tests-debuginfocentos-upgrade-evincecentos-upgrade-evince-browser-plugincentos-upgrade-evince-browser-plugin-debuginfocentos-upgrade-evince-debuginfocentos-upgrade-evince-debugsourcecentos-upgrade-evince-libscentos-upgrade-evince-libs-debuginfocentos-upgrade-evince-nautiluscentos-upgrade-evince-nautilus-debuginfocentos-upgrade-gdmcentos-upgrade-gdm-debuginfocentos-upgrade-gdm-debugsourcecentos-upgrade-gjscentos-upgrade-gjs-debuginfocentos-upgrade-gjs-debugsourcecentos-upgrade-gjs-tests-debuginfocentos-upgrade-gnome-boxescentos-upgrade-gnome-boxes-debuginfocentos-upgrade-gnome-boxes-debugsourcecentos-upgrade-gnome-control-centercentos-upgrade-gnome-control-center-debuginfocentos-upgrade-gnome-control-center-debugsourcecentos-upgrade-gnome-control-center-filesystemcentos-upgrade-gnome-menuscentos-upgrade-gnome-menus-debuginfocentos-upgrade-gnome-menus-debugsourcecentos-upgrade-gnome-online-accountscentos-upgrade-gnome-online-accounts-debuginfocentos-upgrade-gnome-online-accounts-debugsourcecentos-upgrade-gnome-online-accounts-develcentos-upgrade-gnome-remote-desktopcentos-upgrade-gnome-remote-desktop-debuginfocentos-upgrade-gnome-remote-desktop-debugsourcecentos-upgrade-gnome-sessioncentos-upgrade-gnome-session-debuginfocentos-upgrade-gnome-session-debugsourcecentos-upgrade-gnome-session-wayland-sessioncentos-upgrade-gnome-session-xsessioncentos-upgrade-gnome-settings-daemoncentos-upgrade-gnome-settings-daemon-debuginfocentos-upgrade-gnome-settings-daemon-debugsourcecentos-upgrade-gnome-shellcentos-upgrade-gnome-shell-debuginfocentos-upgrade-gnome-shell-debugsourcecentos-upgrade-gnome-softwarecentos-upgrade-gnome-software-debuginfocentos-upgrade-gnome-software-debugsourcecentos-upgrade-gnome-software-editorcentos-upgrade-gnome-software-editor-debuginfocentos-upgrade-gnome-terminalcentos-upgrade-gnome-terminal-debuginfocentos-upgrade-gnome-terminal-debugsourcecentos-upgrade-gnome-terminal-nautiluscentos-upgrade-gnome-terminal-nautilus-debuginfocentos-upgrade-gnome-tweakscentos-upgrade-gsettings-desktop-schemascentos-upgrade-gsettings-desktop-schemas-develcentos-upgrade-gtk-update-icon-cachecentos-upgrade-gtk-update-icon-cache-debuginfocentos-upgrade-gtk3centos-upgrade-gtk3-debuginfocentos-upgrade-gtk3-debugsourcecentos-upgrade-gtk3-develcentos-upgrade-gtk3-devel-debuginfocentos-upgrade-gtk3-immodule-ximcentos-upgrade-gtk3-immodule-xim-debuginfocentos-upgrade-gtk3-immodules-debuginfocentos-upgrade-gtk3-tests-debuginfocentos-upgrade-gvfscentos-upgrade-gvfs-afccentos-upgrade-gvfs-afc-debuginfocentos-upgrade-gvfs-afpcentos-upgrade-gvfs-afp-debuginfocentos-upgrade-gvfs-archivecentos-upgrade-gvfs-archive-debuginfocentos-upgrade-gvfs-clientcentos-upgrade-gvfs-client-debuginfocentos-upgrade-gvfs-debuginfocentos-upgrade-gvfs-debugsourcecentos-upgrade-gvfs-develcentos-upgrade-gvfs-fusecentos-upgrade-gvfs-fuse-debuginfocentos-upgrade-gvfs-goacentos-upgrade-gvfs-goa-debuginfocentos-upgrade-gvfs-gphoto2centos-upgrade-gvfs-gphoto2-debuginfocentos-upgrade-gvfs-mtpcentos-upgrade-gvfs-mtp-debuginfocentos-upgrade-gvfs-smbcentos-upgrade-gvfs-smb-debuginfocentos-upgrade-librawcentos-upgrade-libraw-debuginfocentos-upgrade-libraw-debugsourcecentos-upgrade-libraw-samples-debuginfocentos-upgrade-libvncservercentos-upgrade-libvncserver-debuginfocentos-upgrade-libvncserver-debugsourcecentos-upgrade-libxsltcentos-upgrade-libxslt-debuginfocentos-upgrade-libxslt-debugsourcecentos-upgrade-libxslt-develcentos-upgrade-mozjs52centos-upgrade-mozjs52-debuginfocentos-upgrade-mozjs52-debugsourcecentos-upgrade-mozjs52-devel-debuginfocentos-upgrade-mozjs60centos-upgrade-mozjs60-debuginfocentos-upgrade-mozjs60-debugsourcecentos-upgrade-muttercentos-upgrade-mutter-debuginfocentos-upgrade-mutter-debugsourcecentos-upgrade-mutter-tests-debuginfocentos-upgrade-nautiluscentos-upgrade-nautilus-debuginfocentos-upgrade-nautilus-debugsourcecentos-upgrade-nautilus-extensionscentos-upgrade-nautilus-extensions-debuginfocentos-upgrade-vinagrecentos-upgrade-vinagre-debuginfocentos-upgrade-vinagre-debugsource
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.