UBUNTU-CVE-2019-3825

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2019-3825

Downstream

USN-3892-1

Published: 06 Feb 2019, 00:00

Last modified:04 Feb 2026, 04:38

Vulnerability Summary

Overall Risk (default)

medium

26/100

CVSS Score

6.4 MEDIUM

3.0 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Feb 2019, 00:00

Published

Vulnerability first disclosed

04 Feb 2026, 04:38

Last Modified

Vulnerability information updated

Description

A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.

CVSS Metrics

v3.0•MEDIUM•Score: 6.4CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

ubuntu•gdm3
all | < 3.28.3-0ubuntu18.04.4

References (3)

https://ubuntu.com/security/CVE-2019-3825
https://ubuntu.com/security/notices/USN-3892-1
https://www.cve.org/CVERecord?id=CVE-2019-3825