Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData
Vulnerability Description
A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before https://github.Com/pop-os/cosmic-greeter/pull/426.
CVSS Information
N/A
Vulnerability Type
特权放弃/降低错误
Vulnerability Title
cosmic-greeter 安全漏洞
Vulnerability Description
cosmic-greeter是Pop!_OS开源的一个登录管理器。 cosmic-greeter存在安全漏洞,该漏洞源于特权丢弃或降低错误以及竞争条件,可能导致攻击者重新获取已丢弃的特权并在竞争检查逻辑中滥用。
CVSS Information
N/A
Vulnerability Type
N/A