Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2015-8025

Published: 29 October 2015

driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.

Priority

Medium

Status

Package Release Status
xscreensaver
Launchpad, Ubuntu, Debian
precise
Released (5.15-2ubuntu1.1)
trusty Does not exist
(trusty was released [5.15-3+deb7u1ubuntu0.1])
upstream
Released (5.34-1)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(5.34-1ubuntu1)
Patches:
vendor: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id