CVE-2010-0422

Publication date 24 February 2010

Last updated 24 July 2024

Ubuntu priority

gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
gnome-screensaver	9.10 karmic	Fixed 2.28.0-0ubuntu3.5
	9.04 jaunty	Not affected
	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Ignored end of life

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
gnome-screensaver	Upstream: ?id=f93 Upstream: ?id=d4d Upstream: ?id=271

References

Related Ubuntu Security Notices (USN)

USN-907-1
gnome-screensaver vulnerabilities
8 March 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-0422