VDB
MAGEIA-2021-3
MAGEIA-2021-3
PUBLISHED
Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user (CVE-2020-16125).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | gdm | 0, 3.32.0-1.1.mga7, 0 |
| Mageia | smartmontools | 7.2-1.mga7, 0 |
Timeline
- Jan 4, 2021 CVE Updated
- Jan 4, 2021 CVE Published
- Mar 17, 2026 Distribution Patch
- Mar 17, 2026 Security Advisory
References
- Updated gdm packages fix a security vulnerability advisory
- Updated gdm packages fix a security vulnerability issue
- Updated gdm packages fix a security vulnerability issue
- Updated gdm packages fix a security vulnerability advisory
- Updated smartmontools package improves compatibility advisory
- Updated smartmontools package improves compatibility issue