CVE-2013-4331

Publication date 12 September 2013

Last updated 24 July 2024


Ubuntu priority

Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensitive information by reading the file.

Read the notes from the security team

Status

Package Ubuntu Release Status
lightdm 13.04 raring
Fixed 1.6.0-0ubuntu3.1
12.10 quantal
Not affected
12.04 LTS precise
Not affected
10.04 LTS lucid Not in release

Notes


mdeslaur

couldn't reproduce on quantal

References

Related Ubuntu Security Notices (USN)

    • USN-1950-1
    • Light Display Manager vulnerability
    • 12 September 2013

Other references