CVE-2019-3820

Priority
Description
It was discovered that the gnome-shell lock screen since version 3.15.91
did not properly restrict all contextual actions. An attacker with physical
access to a locked workstation could invoke certain keyboard shortcuts, and
potentially other actions.
Notes
 mdeslaur> introduced by https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471
Assigned-to
leosilva
Package
Upstream:released (3.30.2-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [3.10.4-0ubuntu5.2])
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):released (3.28.3+git20190124-0ubuntu18.04.2)
Ubuntu 18.10 (Cosmic Cuttlefish):released (3.30.2-0ubuntu1.18.10.2)
Ubuntu 19.04 (Disco Dingo):released (3.30.2-3)
Ubuntu 19.10 (Eoan):not-affected
Patches:
Upstream:https://gitlab.gnome.org/GNOME/gnome-shell/commit/511e8c658445377b044c6dfb241709142c97a8ce
Upstream:https://gitlab.gnome.org/GNOME/gnome-shell/commit/e23f4d6c7c300e579db21bb9dffeeaace6f39959
More Information

Updated: 2019-05-06 16:14:21 UTC (commit 283847c0629aadb2cccdaabc0f65f1c234f6d346)