CVE-2020-16127 Information

Description

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2 among other earlier versions would perform unbounded read operations on user-controlled ~/.pam_environment files allowing an infinite loop if /dev/zero is symlinked to this location.

Reference

https://securitylab.github.com/advisories/GHSL-2020-187-accountsservice-drop-privs-DOS