Critical security control bypass (lock screen)
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
unity (Ubuntu) | Confirmed | Undecided | Unassigned |
Bug Description
The following info is provided on behalf of Crytek CERT:
Due to a bug in the screenlock implementation in the latest Ubuntu 16.04.1 LTS, it is possible to crash the screenlock, with a short timeslot of ~1.5 seconds during which you can interact with programs on the desktop.
Requirements:
2 languages (EN, RU)
Language switch shortcut: LCtrl+LShift
Steps to reproduce:
Lock screen with Super+L
Press LCtrl+LShift to switch language, and during the crash of the screenlock, right-click on the desktop to hover the context menu - this will expand the timeslot up to 3 seconds
Additional info with all available logs will be added.
---
.tmp.unity_
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CompizPlugins: No value set for `/apps/
CompositorRunning: compiz
CompositorUnred
CompositorUnred
DistUpgraded: Fresh install
DistroCodename: xenial
DistroRelease: Ubuntu 16.04
DistroVariant: ubuntu
EcryptfsInUse: Yes
GraphicsCard: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter [80ee:beef] (prog-if 00 [VGA controller])
InstallationDate: Installed on 2016-08-09 (0 days ago)
InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
Lsusb:
Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
Package: unity 7.4.0+16.
PackageArchitec
ProcKernelCmdLine: BOOT_IMAGE=
ProcVersionSign
Renderer: Software
Tags: xenial xenial xenial ubuntu compiz-0.9
Uname: Linux 4.4.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
_MarkForUpload: True
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekG
dmi.product.name: VirtualBox
dmi.product.
dmi.sys.vendor: innotek GmbH
version.compiz: compiz 1:0.9.12.
version.ia32-libs: ia32-libs N/A
version.libdrm2: libdrm2 2.4.67-
Information type: Private Security → Public Security
And, with better quality:
https://youtu.be/RwVoOSdAqZ4