Описание
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| devel | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | |
| esm-infra/focal | not-affected | |
| focal | not-affected | |
| hirsute | not-affected | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
EPSS
3.6 Low
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.
A locking protection bypass flaw was found in some versions of gnome-s ...
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.
EPSS
3.6 Low
CVSS2
6.1 Medium
CVSS3