Ubuntu Security Notice 2184-1 - Frederic Bardy discovered that Unity incorrectly filtered keyboard shortcuts when the screen was locked. A local attacker could possibly use this issue to run commands, and unlock the current session. Giovanni Mellini discovered that Unity could display the Dash in certain conditions when the screen was locked. A local attacker could possibly use this issue to run commands, and unlock the current session.
971d9a9d0418fd595042de940e87cc3d2fa03401f9970f243a361ef29a225dae============================================================================
Ubuntu Security Notice USN-2184-1
April 29, 2014
unity vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
The Unity lock screen could be bypassed.
Software Description:
- unity: Interface designed for efficiency of space and interaction.
Details:
Fr=C3=A9d=C3=A9ric Bardy discovered that Unity incorrectly filtered keyboard
shortcuts when the screen was locked. A local attacker could possibly use
this issue to run commands, and unlock the current session.
Giovanni Mellini discovered that Unity could display the Dash in certain
conditions when the screen was locked. A local attacker could possibly use
this issue to run commands, and unlock the current session.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
unity 7.2.0+14.04.20140423-0ubuntu1.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2184-1
https://launchpad.net/bugs/1308850, https://launchpad.net/bugs/1313885
Package Information:
https://launchpad.net/ubuntu/+source/unity/7.2.0+14.04.20140423-0ubuntu1.1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed