PT-2017-9034 · Slock · Slock

Eric Pruitt

Published

2016-09-21

Updated

2017-02-17

CVE-2016-6866

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions slock (affected versions not specified)

Description The issue allows attackers to bypass the screen lock through vectors involving an invalid password hash. This triggers a NULL pointer dereference and crash.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2016-6866

DLA-598-1

MGASA-2016-0308

Affected Products

Slock

PT-2017-9034 · Slock · Slock

CVE-2016-6866

Weakness Enumeration

Related Identifiers

Affected Products

References · 19