Note:
This project will be discontinued after December 13, 2021. [more]
2019-02-06
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Products | Ubuntu_linux, Gnome\-Shell, Leap |
Type | Improper Authentication (CWE-287) |
First patch | - None (likely due to unavailable code) |
Links |
• http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html
• http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html • https://gitlab.gnome.org/GNOME/gnome-shell/issues/851 • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820 • https://usn.ubuntu.com/3966-1/ |