Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-7300

Опубликовано: 27 сент. 2014
Источник: redhat
CVSS2: 3.6
EPSS Низкий

Описание

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

It was found that the Gnome shell did not disable the Print Screen key when the screen was locked. This could allow an attacker with physical access to a system with a locked screen to crash the screen-locking application by creating a large amount of screenshots.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-285->CWE-770->CWE-305
https://bugzilla.redhat.com/show_bug.cgi?id=1147917gnome-shell: lockscreen bypass with printscreen key

EPSS

Процентиль: 13%
0.00044
Низкий

3.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-7300

ubuntu
почти 11 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

nvd логотип

CVE-2014-7300

nvd
почти 11 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

debian логотип

CVE-2014-7300

debian
почти 11 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used ...

suse-cvrf логотип

SUSE-SU-2015:0515-1

suse-cvrf
почти 11 лет назад

Security update for gnome-settings-daemon

github логотип

GHSA-gg6w-rmxx-j7xr

github
больше 3 лет назад

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

EPSS

Процентиль: 13%
0.00044
Низкий

3.6 Low

CVSS2