PT-2014-7892 · Gnome+5 · Gnome Shell+5

Published

2014-10-15

Updated

2016-08-31

CVE-2014-7300

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GNOME Shell versions 3.14.x through 3.14.0

Description The issue allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests. This is possible when the Screen Lock feature is used and the aggregate memory consumption of all active PrtSc requests is not limited, leading to a temporary lock outage and shell availability due to the Linux kernel OOM killer.

Recommendations For GNOME Shell versions 3.14.x through 3.14.0, update to version 3.14.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALT-PU-2014-2267

CESA-2015_0535

CVE-2014-7300

MGASA-2014-0501

OPENSUSE-SU-2024:10441-1

RHSA-2015:0535

RHSA-2015_0535

SUSE-SU-2015:0515-1

SUSE-SU-2015_0515-1

Affected Products

Alt Linux

Centos

Gnome Shell

Linux Kernel

Red Hat

Suse

PT-2014-7892 · Gnome+5 · Gnome Shell+5

CVE-2014-7300

Weakness Enumeration

Related Identifiers

Affected Products

References · 48