systemd 242 changes the VT1 mode upon a logout, which allows malicious users to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
systemd project systemd 242 |
||
netapp cn1610_firmware - |
||
netapp solidfire \\& hci management node - |
||
netapp snapprotect - |