CVE-2015-7496

Опубликовано: 12 нояб. 2015

Источник: redhat

CVSS3: 4.3

CVSS2: 4.6

Описание

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	gdm	Not affected
Red Hat Enterprise Linux 6	gdm	Not affected
Red Hat Enterprise Linux 7	gdm	Fixed	RHSA-2017:2128	01.08.2017
Red Hat Enterprise Linux 7	gnome-session	Fixed	RHSA-2017:2128	01.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-364

https://bugzilla.redhat.com/show_bug.cgi?id=1283279gdm: Crash when holding Escape in log screen

4.3 Medium

CVSS3

4.6 Medium

CVSS2

Связанные уязвимости

CVE-2015-7496

ubuntu

около 10 лет назад

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

CVE-2015-7496

nvd

около 10 лет назад

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

CVE-2015-7496

debian

около 10 лет назад

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...

GHSA-qwh9-f2h4-mw38

github

больше 3 лет назад

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

ELSA-2017-2128

oracle-oval

больше 8 лет назад

ELSA-2017-2128: gdm and gnome-session security, bug fix, and enhancement update (MODERATE)

4.3 Medium

CVSS3

4.6 Medium

CVSS2