CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the users password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/102.html
• https://cwe.mitre.org/data/definitions/474.html
• https://cwe.mitre.org/data/definitions/50.html
• https://cwe.mitre.org/data/definitions/509.html
• https://cwe.mitre.org/data/definitions/551.html
• https://cwe.mitre.org/data/definitions/555.html
• https://cwe.mitre.org/data/definitions/560.html
• https://cwe.mitre.org/data/definitions/561.html
• https://cwe.mitre.org/data/definitions/600.html
• https://cwe.mitre.org/data/definitions/644.html
• https://cwe.mitre.org/data/definitions/645.html
• https://cwe.mitre.org/data/definitions/652.html
• https://cwe.mitre.org/data/definitions/653.html

References

• https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
• https://bugzilla.gnome.org/show_bug.cgi?id=781486
• https://github.com/huntergregal/mimipenguin
• https://github.com/huntergregal/mimipenguin/tree/d95f1e08ce79783794f38433bbf7de5abd9792da
• https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
• https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
• https://usn.ubuntu.com/3894-1/
• https://www.oracle.com/security-alerts/cpujan2021.html
• https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
• https://bugzilla.gnome.org/show_bug.cgi?id=781486
• https://github.com/huntergregal/mimipenguin
• https://github.com/huntergregal/mimipenguin/tree/d95f1e08ce79783794f38433bbf7de5abd9792da
• https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
• https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
• https://usn.ubuntu.com/3894-1/
• https://www.oracle.com/security-alerts/cpujan2021.html