What is the severity of CVE-2017-8900?

CVE-2017-8900 is considered a medium severity vulnerability that allows unauthorized access to user home directories by bypassing AppArmor restrictions.

How do I fix CVE-2017-8900?

To remediate CVE-2017-8900, upgrade LightDM to version 1.26.0 or later.

What systems are affected by CVE-2017-8900?

CVE-2017-8900 affects LightDM versions up to 1.22.0 on Ubuntu 16.10 and Ubuntu 17.x when using systemd.

Who can exploit CVE-2017-8900?

CVE-2017-8900 can be exploited by physically proximate attackers who can establish a guest session.

What is the impact of CVE-2017-8900 on users?

The impact of CVE-2017-8900 allows attackers to access and view the home directories of other users, leading to potential data exposure.

Vulnerability/
CVE-2017-8900

medium

4.6

12/5/2017

5/8/2024

CVE-2017-8900

First published: Fri May 12 2017(Updated: )

Last updated 24 July 2024

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
debian/lightdm		1.26.0-7 1.26.0-8 1.32.0-6
All of
LightDM	<=1.22.0
Any of
Ubuntu	=16.10
Ubuntu	=17.04
LightDM	<=1.22.0
Ubuntu	=16.10
Ubuntu	=17.04

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-8900?
CVE-2017-8900 is considered a medium severity vulnerability that allows unauthorized access to user home directories by bypassing AppArmor restrictions.
How do I fix CVE-2017-8900?
To remediate CVE-2017-8900, upgrade LightDM to version 1.26.0 or later.
What systems are affected by CVE-2017-8900?
CVE-2017-8900 affects LightDM versions up to 1.22.0 on Ubuntu 16.10 and Ubuntu 17.x when using systemd.
Who can exploit CVE-2017-8900?
CVE-2017-8900 can be exploited by physically proximate attackers who can establish a guest session.
What is the impact of CVE-2017-8900 on users?
The impact of CVE-2017-8900 allows attackers to access and view the home directories of other users, leading to potential data exposure.

agent/type
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/severity
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/usn-cve
source/Ubuntu
agent/references
agent/event
agent/description
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
agent/author
package-manager/debian
vendor/lightdm project
canonical/lightdm
version/lightdm/1.22.0
vendor/canonical
canonical/ubuntu
version/ubuntu/16.10
version/ubuntu/17.04

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2017-8900

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-8900?

How do I fix CVE-2017-8900?

What systems are affected by CVE-2017-8900?

Who can exploit CVE-2017-8900?

What is the impact of CVE-2017-8900 on users?

Company

Resources

Contact