Published: 4 April 2017
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
This issue was reported to us by Beyond Security but they did not discover the issue. The discoverer is unknown.
CVSS 3 base score: 7.3