Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv3

CVE-2019-3820

Published: 06/02/2019 Updated: 29/09/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.3 | Impact Score: 3.4 | Exploitability Score: 0.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gnome

Vulnerability Summary

It exists that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnome gnome-shell

opensuse leap 15.0

opensuse leap 15.1

opensuse leap 42.3

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

Vendor Advisories

Red Hat: Moderate: GNOME security, bug fix, and enhancement update
Synopsis Moderate: GNOME security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for GNOME is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Debian CVElist Bug Report Logs: gnome-shell: CVE-2019-3820
Debian Bug report logs - #921490 gnome-shell: CVE-2019-3820 Package: src:gnome-shell; Maintainer for src:gnome-shell is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 6 Feb 2019 05:03:05 UTC Severity: important Tags: security ...
Ubuntu Security Notice: gnome-shell vulnerability
GNOME Shell could be made to execute keyboard shortcuts and other actions while the workstation was locked ...
Amazon Linux 2: ALAS2-2020-1478
It was discovered that the gnome-shell lock screen since version 31591 did not properly restrict all contextual actions An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions (CVE-2019-3820) ...
Red Hat: CVE-2019-3820
Impact: Moderate Public Date: 2019-02-05 CWE: CWE-285 Bugzilla: 1669391: CVE-2019-3820 gnome-shell: par ...
Arch Linux Issues:
A partial screen lock bypass via keybindings has been found in gdm <= 3302, allowing a local attacker to unlock a session under certain circumstances ...

References

CWE-287https://gitlab.gnome.org/GNOME/gnome-shell/issues/851https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820https://usn.ubuntu.com/3966-1/http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.htmlhttps://access.redhat.com/errata/RHSA-2020:1021https://usn.ubuntu.com/3966-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook