This article explains a critical Ubuntu vulnerability that lets a standard user create a new sudo account and obtain root privileges without a system password, detailing the exploitation steps, required commands, and the underlying flaw in accounts‑daemon and GNOME Display Manager, plus mitigation advice.
This article explains how a critical Ubuntu vulnerability discovered by security researcher Kevin Backhouse lets a standard user create a sudo‑enabled account without a password, details the step‑by‑step exploitation process, and outlines the official patches that mitigate the issue across affected LTS releases.
This article explains a critical Ubuntu desktop vulnerability discovered by GitHub researcher Kevin Backhouse, detailing step‑by‑step commands that let a standard user create a privileged sudo account, the underlying bugs in accounts‑service and GNOME Display Manager, and the official patches released to fix it.
Security researcher Kevin Backhouse revealed a local‑privilege‑escalation flaw in Ubuntu desktop that lets a standard user create a sudo‑enabled account without a password by abusing a .pam_environment symlink, crashing accounts‑daemon, and forcing GNOME’s initial‑setup wizard, with patches now available.
