GNOME Shell Screen Lock Bypass Vulnerability in Linux
CVE-2014-7300

Currently unrated

Key Information:

Vendor
Gnome
Status
Gnome-shell
Vendor
CVE Published:
25 December 2014

Summary

The vulnerability in GNOME Shell versions prior to 3.14.1 allows an attacker to exploit the Screen Lock feature. When multiple print screen requests are initiated, the feature does not restrict the total memory usage. This condition can trigger an out-of-memory (OOM) situation leading to a temporary lapse in screen lock security. As a result, an unauthorized user in close proximity can execute arbitrary commands on the unattended system, compromising the integrity and security of the device.

References

https://git.gnome.org/browse/gnome-shell/commit/?id=a72dc...
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-0535.html
vendor-advisoryx_refsource_REDHAT
https://git.gnome.org/browse/gnome-shell/commit/?id=f02b0...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2014-7300 : GNOME Shell Screen Lock Bypass Vulnerability in Linux | SecurityVulnerability.io