CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the users password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Name	Vendor	Start Version	End Version
Gnome_keyring	Gnome	*	3.27.2 (excluding)

Potential Mitigations

https://cwe.mitre.org/data/definitions/102.html
https://cwe.mitre.org/data/definitions/474.html
https://cwe.mitre.org/data/definitions/50.html
https://cwe.mitre.org/data/definitions/509.html
https://cwe.mitre.org/data/definitions/551.html
https://cwe.mitre.org/data/definitions/555.html
https://cwe.mitre.org/data/definitions/560.html
https://cwe.mitre.org/data/definitions/561.html
https://cwe.mitre.org/data/definitions/600.html
https://cwe.mitre.org/data/definitions/644.html
https://cwe.mitre.org/data/definitions/645.html
https://cwe.mitre.org/data/definitions/652.html
https://cwe.mitre.org/data/definitions/653.html

References

https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
https://bugzilla.gnome.org/show_bug.cgi?id=781486
https://github.com/huntergregal/mimipenguin
https://github.com/huntergregal/mimipenguin/tree/d95f1e08ce79783794f38433bbf7de5abd9792da
https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
https://usn.ubuntu.com/3894-1/
https://www.oracle.com/security-alerts/cpujan2021.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-20781
CWE	https://cwe.mitre.org/data/definitions/522.html

Insufficiently Protected Credentials

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References