A vulnerability in GNOME Display Manager (gdm) could allow a standard user to create accounts with increased privileges, giving a local attacker a path to run code with administrator permissions (root) The process involves running a few simple commands in the terminal and modifying general system settings that do not require increased rights. Exploiting the bug in gdm3 takes advantage of crashing the AccountsService component, which keeps track of the users available on the system. The bug is now tracked as CVE-2020-16125 with a high severity score of 7.2 out of 10.
Source: https://www.bleepingcomputer.com/news/security/ubuntus-gnome-desktop-could-be-tricked-into-giving-root-access/