Christoph Wickert

**Name of the Vulnerable Software and Affected Versions** Xfce4-session version 4.5.91 **Description** The issue concerns Xfce4-session not locking the screen when the suspend or hibernate button is pressed. This could potentially allow physically proximate attackers to access an unattended laptop via a resume action. It is noted that there is no general agreement on whether this behavior constitutes a vulnerability, as separate control over locking can be equally or more secure in certain threat environments. **Recommendations** For Xfce4-session version 4.5.91, consider configuring the system to lock the screen manually when suspending or hibernating to minimize potential risks.