Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Unity | Ayatana_project | * | 7.2.0 (including) |
| Unity | Ayatana_project | 7.0.0 (including) | 7.0.0 (including) |
| Unity | Ayatana_project | 7.0.1 (including) | 7.0.1 (including) |
| Unity | Ayatana_project | 7.1.0 (including) | 7.1.0 (including) |
| Unity | Ayatana_project | 7.1.1 (including) | 7.1.1 (including) |
| Unity | Ayatana_project | 7.1.2 (including) | 7.1.2 (including) |
| Unity | Ayatana_project | 7.1.3 (including) | 7.1.3 (including) |
| Unity | Ubuntu | trusty | * |
References
- http://www.openwall.com/lists/oss-security/2014/04/26/1
- http://www.openwall.com/lists/oss-security/2014/04/26/2
- http://www.openwall.com/lists/oss-security/2014/04/29/2
- http://www.openwall.com/lists/oss-security/2014/05/03/1
- https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572
- https://bugs.launchpad.net/unity/+bug/1308750
- http://www.openwall.com/lists/oss-security/2014/04/26/1
- http://www.openwall.com/lists/oss-security/2014/04/26/2
- http://www.openwall.com/lists/oss-security/2014/04/29/2
- http://www.openwall.com/lists/oss-security/2014/05/03/1
- https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1308572
- https://bugs.launchpad.net/unity/+bug/1308750