VDB

MAGEIA-2021-3

MAGEIA-2021-3 PUBLISHED

Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user (CVE-2020-16125).

Affected Products

VendorProductVersions
Mageiagdm0, 3.32.0-1.1.mga7, 0
Mageiasmartmontools7.2-1.mga7, 0

Timeline

  • Jan 4, 2021 CVE Updated
  • Jan 4, 2021 CVE Published
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›