Veeti Veteläinen discovered that the LTSP Display Manager (ldm) incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges. (CVE-2019-20373)
Continue reading...
Continue reading...