CVE-2010-2532

Name of the Vulnerable Software and Affected Versions lxsession versions in LXDE, as used on SUSE openSUSE 11.3 and other platforms

Description The issue concerns the behavior of lxsession-logout in LXDE when the Suspend or Hibernate button is pressed. It does not lock the screen, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action. There is a note that there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.