CVE-2013-1940

Priority
Description
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly
restrict access to input events when adding a new hot-plug device, which
might allow physically proximate attackers to obtain sensitive information,
as demonstrated by reading passwords from a tty.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (1.13.4)
Patches:
Other:https://bugs.freedesktop.org/attachment.cgi?id=77717
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 22:12:10 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)