ubuntu · CVE-2017-8900

Quick triage

Priority: medium Published: 2017-05-11 00:00:00 UTC Updated: 2025-08-25 22:40:35 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-8900 medium priority: Ubuntu including 1 source packages (lightdm), 5 status rows across 5 suites (trusty, upstream, xenial, yakkety, zesty): released 2, DNE 1, needs-triage 1, not-affected 1.

Description:

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

cvelogic Threat Intelligence