QwikSec

Security Database

CVE

CWE

Training

CVE-2014-7300

Published: Dec 25, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378

x_refsource_CONFIRM

https://bugzilla.gnome.org/show_bug.cgi?id=737456

x_refsource_CONFIRM

[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.