CVE-2009-4996

Publication date 7 September 2010

Last updated 4 August 2025

Description

Xfce4-session 4.5.91 in Xfce does not lock the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
xfce4-session	12.04 LTS precise	Ignored
	11.10 oneiric	Ignored
	11.04 natty	Ignored
	10.10 maverick	Ignored end of life
	10.04 LTS lucid	Ignored
	9.10 karmic	Ignored end of life
	9.04 jaunty	Ignored end of life
	8.04 LTS hardy	Ignored end of life
	6.06 LTS dapper	Ignored end of life

Notes

sbeattie

upstream does not intend to fix this in xfce4-session, but rather via whatever power manager is installed.

CVE-2009-4996

Description

Status

Notes

sbeattie

References

Other references

Access our resources on patching vulnerabilities