FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-02 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
68847b20-8ddc-11e5-b69c-c86000169601	gdm -- lock screen bypass when holding escape key Ray Strode reports: CVE-2015-7496 - lock screen bypass when holding escape key. Discovery 2015-11-12 Entry 2015-11-18 gdm < 3.16.2_1 CVE-2015-7496 https://mail.gnome.org/archives/ftp-release-list/2015-November/msg00074.html https://bugzilla.gnome.org/show_bug.cgi?id=758032
c6fbd447-59ed-11e0-8d04-0015f2db7bde	gdm -- privilege escalation vulnerability Sebastian Krahmer reports: It was discovered that the GNOME Display Manager (gdm) cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directory between ending the session and the signal to clean up the session, which could lead to the execution of arbitrary code as the root user. Discovery 2011-03-28 Entry 2011-03-29 gdm < 2.30.5_2 CVE-2011-0727 http://mail.gnome.org/archives/distributor-list/2011-March/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=688323

VuXML ID

Description

68847b20-8ddc-11e5-b69c-c86000169601

gdm -- lock screen bypass when holding escape key

Ray Strode reports:

CVE-2015-7496 - lock screen bypass when holding escape key.

Discovery 2015-11-12
Entry 2015-11-18
gdm

< 3.16.2_1

CVE-2015-7496
https://mail.gnome.org/archives/ftp-release-list/2015-November/msg00074.html
https://bugzilla.gnome.org/show_bug.cgi?id=758032

c6fbd447-59ed-11e0-8d04-0015f2db7bde

gdm -- privilege escalation vulnerability

Sebastian Krahmer reports:

It was discovered that the GNOME Display Manager (gdm) cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directory between ending the session and the signal to clean up the session, which could lead to the execution of arbitrary code as the root user.

Discovery 2011-03-28
Entry 2011-03-29
gdm

< 2.30.5_2

CVE-2011-0727
http://mail.gnome.org/archives/distributor-list/2011-March/msg00008.html
https://bugzilla.redhat.com/show_bug.cgi?id=688323