LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
2013-11-23T18:55:04.673
2025-04-11T00:51:21.963
Deferred
CVSSv2: 3.3 (LOW)
AV:L/AC:M/Au:N/C:P/I:P/A:N
3.4
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | robert_ancell | lightdm | 1.7.5 | Yes |
| Application | robert_ancell | lightdm | 1.7.6 | Yes |
| Application | robert_ancell | lightdm | 1.7.7 | Yes |
| Application | robert_ancell | lightdm | 1.7.8 | Yes |
| Application | robert_ancell | lightdm | 1.7.9 | Yes |
| Application | robert_ancell | lightdm | 1.7.10 | Yes |
| Application | robert_ancell | lightdm | 1.7.11 | Yes |
| Application | robert_ancell | lightdm | 1.7.12 | Yes |
| Application | robert_ancell | lightdm | 1.7.13 | Yes |
| Application | robert_ancell | lightdm | 1.7.14 | Yes |
| Application | robert_ancell | lightdm | 1.7.15 | Yes |
| Application | robert_ancell | lightdm | 1.7.16 | Yes |
| Application | robert_ancell | lightdm | 1.7.17 | Yes |
| Application | robert_ancell | lightdm | 1.7.18 | Yes |
| Application | robert_ancell | lightdm | 1.8.0 | Yes |
| Application | robert_ancell | lightdm | 1.8.1 | Yes |
| Application | robert_ancell | lightdm | 1.8.2 | Yes |
| Application | robert_ancell | lightdm | 1.8.3 | Yes |
| Application | robert_ancell | lightdm | 1.9.0 | Yes |
| Application | robert_ancell | lightdm | 1.9.1 | Yes |
| Operating System | canonical | ubuntu_linux | 13.10 | Yes |