gnome gnome-display-manager CVE-2019-3825 vulnerability in GNOME and Other Products
Published on February 6, 2019

product logo product logo product logo
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.

Vendor Advisory NVD

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2019-3825 has been classified to as an authentification vulnerability or weakness.


Products Associated with CVE-2019-3825

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3825 are published in these products:

Gnome Display Manager
 
Canonical Ubuntu Linux
 
Red Hat Enterprise Linux (RHEL)
 

Affected Versions

The Gnome Projectr gdm Version 3.31.4 is affected by CVE-2019-3825

Exploit Probability

EPSS
0.08%
Percentile
22.53%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.