Bug 1149608 (CVE-2014-7271) - CVE-2014-7271 sddm: user "sddm" can login without authentication.
Summary: CVE-2014-7271 sddm: user "sddm" can login without authentication.
Status: NEW
Alias: CVE-2014-7271
Product: Security Response
Classification: Other
Component: vulnerability   
(Show other bugs)
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20140922,repor...
Keywords: Security
Depends On: 1149628
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-06 08:23 UTC by Vasyl Kaigorodov
Modified: 2018-04-30 21:44 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Vasyl Kaigorodov 2014-10-06 08:23:14 UTC
It was reported that it's possible to login as "sddm" user without authentication:

This is since if sddm detects that user in the PamBackend,
it has:

        if (user == "sddm")
            service = "sddm-greeter";
        else if (m_app->session()->path().isEmpty())
            service = "sddm-check";
        else if (m_autologin)
            service = "sddm-autologin";
        result = m_pam->start(service, user);


and the sddm-greeter PAM config basically just has a pam_permit.
More info is available at [1]. Upstream patch is at [2].

[1]: https://bugzilla.suse.com/show_bug.cgi?id=897788#c6
[2]: https://github.com/sddm/sddm/pull/279

Comment 1 Vasyl Kaigorodov 2014-10-06 09:43:50 UTC
Created sddm tracking bugs for this issue:

Affects: fedora-all [bug 1149628]

Comment 2 Fedora Update System 2014-10-28 06:46:52 UTC
sddm-0.9.0-2.20141007git6a28c29b.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 3 Fedora Update System 2014-10-31 02:43:23 UTC
sddm-0.9.0-2.20141007git6a28c29b.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.