In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

Upstream Issue:
https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3

Reference:
https://bugzilla.gnome.org/show_bug.cgi?id=781486
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
Created libgnome-keyring tracking bugs for this issue:

Affects: fedora-all [bug 1677289]
External References: https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
To exploit this flaw, an attacker would need to read the memory of a local process under the uid of the target user. While exposing the user's password is significant, having this capacity puts the attacker definitively "within the gates" and already in a position to steal sensitive data if not worse. Thus downgrading severity to Low. libgnome-keyring is not affected by this issue.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-20781