Screen Lock Bypass in gnome-power-manager from GNOME

CVE-2009-4997

Summary

The gnome-power-manager version 2.27.92 contains a vulnerability where the settings for locking the screen upon suspend or hibernate actions are not effectively enforced. This flaw allows potential attackers in close physical proximity to the device to access an unattended laptop without authentication after the system resumes from suspend or hibernate modes. The issue stems from a regression following a previous fix to the gnome-power-manager functionality, which compromises the expected level of security during these power state transitions.

References