Gnome-Shell Lock Screen Vulnerability in GNOME Software
CVE-2019-3820

4.8MEDIUM

Key Information:

Vendor

The Gnome Project

Status
Gnome-shell
Vendor
CVE Published:
6 February 2019

What is CVE-2019-3820?

A vulnerability exists in the Gnome-Shell lock screen that fails to adequately limit contextual actions for users with physical access to a locked workstation. As a result, an attacker could exploit certain keyboard shortcuts, and potentially other functionalities, to gain unauthorized access or perform unintended operations within the system, compromising the security intended by the lock screen.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

gnome-shell since 3.15.91

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820
x_refsource_CONFIRM
https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
x_refsource_MISC
https://usn.ubuntu.com/3966-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.