CVE-2013-4459

NameCVE-2013-4459
DescriptionLightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lightdm (PTS)bullseye1.26.0-7fixed
bookworm1.26.0-8fixed
sid, trixie1.32.0-6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lightdmsource(unstable)(not affected)

Notes

- lightdm <not-affected> (Only in combination with guest profile, apparmor and 1.8.x branch)

Search for package or bug name: Reporting problems