CVE-2017-7358
- Source
- https://cve.org/CVERecord?id=CVE-2017-7358
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7358.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-7358
- Downstream
- Published
- 2017-04-05T06:59:00.230Z
- Modified
- 2026-04-10T03:51:17.529968Z
- Severity
-
- 7.3 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
- References
Affected packages
Git / github.com/canonical/lightdm
Affected versions
1.*
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.1.9
1.10.0
1.11.0
1.11.1
1.11.2
1.11.3
1.11.4
1.11.5
1.11.6
1.11.7
1.11.8
1.11.9
1.12.0
1.13.0
1.13.1
1.13.2
1.14.0
1.14.0-0ubuntu2
1.15.0
1.15.1
1.15.2
1.15.3
1.16.0
1.17.0
1.17.1
1.17.2
1.17.3
1.17.4
1.17.5
1.17.5-0ubuntu2
1.17.6
1.18.0
1.19.0
1.19.1
1.19.2
1.19.3
1.19.4
1.19.5
1.2.0
1.2.1
1.20.0
1.20.0-0ubuntu2
1.21.0
1.21.1
1.21.1-0ubuntu2
1.21.2
1.21.3
1.21.4
1.21.5
1.22.0
1.3.1
1.3.2
1.3.3
1.4.0
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.7.0
1.7.1
1.7.10
1.7.11
1.7.12
1.7.13
1.7.14
1.7.15
1.7.15-0ubuntu1
1.7.16
1.7.17
1.7.18
1.7.2
1.7.3
1.7.4
1.7.5
1.7.6
1.7.7
1.7.8
1.7.9
1.8.0
1.9.0
1.9.1
1.9.10
1.9.11
1.9.12
1.9.13
1.9.14
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
1.9.6-0ubuntu4
1.9.7
1.9.8
1.9.9
lightdm-0.*
lightdm-0.0.1
lightdm-0.0.2
lightdm-0.0.3
lightdm-0.0.4
lightdm-0.1.0
lightdm-0.1.1
lightdm-0.1.2
lightdm-0.2.0
lightdm-0.2.1
lightdm-0.2.2
lightdm-0.2.3
lightdm-0.3.0
lightdm-0.3.1
lightdm-0.3.2
lightdm-0.3.3
lightdm-0.3.4
lightdm-0.3.5
lightdm-0.3.6
lightdm-0.3.7
lightdm-0.4.0
lightdm-0.4.1
lightdm-0.4.2
lightdm-0.4.3
lightdm-0.4.3.real
lightdm-0.4.4
lightdm-0.9.0
lightdm-0.9.1
lightdm-0.9.3
lightdm-0.9.4
lightdm-0.9.5
lightdm-0.9.6
lightdm-0.9.7
lightdm-0.9.8
lightdm-1.*
lightdm-1.0.0
lightdm-1.1.0
lightdm-1.1.5