CVE - CVE-2014-7300

CVE-ID
CVE-2014-7300	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://bugzilla.gnome.org/show_bug.cgi?id=737456 CONFIRM:https://git.gnome.org/browse/gnome-shell/commit/?id=a72dca361080ffc9f45ff90188a7cf013c3c4013 CONFIRM:https://git.gnome.org/browse/gnome-shell/commit/?id=f02b007337e61436aaa0e81a86ad707b6d277378 MLIST:[oss-security] 20140929 gnome-shell lockscreen bypass with printscreen key URL:http://openwall.com/lists/oss-security/2014/09/29/17 REDHAT:RHSA-2015:0535 URL:http://rhn.redhat.com/errata/RHSA-2015-0535.html
Assigning CNA
MITRE Corporation
Date Record Created
20141002	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20141002)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)