After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 609789 - CVE-2010-0422 gnome-screensaver: loses its unlock dialog and keyboard grab sometimes when plugging and unplugging monitor repeatedly
CVE-2010-0422 gnome-screensaver: loses its unlock dialog and keyboard grab so...
Status: RESOLVED FIXED
Product: gnome-screensaver
Classification: Deprecated
Component: general
unspecified
Other Linux
: Normal normal
: ---
Assigned To: gnome-screensaver maintainers
gnome-screensaver maintainers
Depends on:
Blocks:
 
 
Reported: 2010-02-12 20:56 UTC by Ray Strode [halfline]
Modified: 2010-06-21 21:19 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Keep grab and lock dialog in sync (6.70 KB, patch)
2010-02-12 20:56 UTC, Ray Strode [halfline] 		committed Details | Review

Description Ray Strode [halfline] 2010-02-12 20:56:49 UTC 
Created attachment 153663 [details] [review]
Keep grab and lock dialog in sync

gnome-screensaver can lose its keyboard grab when locked, exposing the system
to intrusion by adding and removing monitors.

This issue is similar to but different than bug 609337 (CVE-2010-0414)

Steps to reproduce:

1) Lock screen
2) Plug in new monitor and wait for unlock dialog to show on it.
3) Unplug new monitor, watch unlock dialog move to primary monitor
4) Replug new monitor, watch unlock dialog stay on primary monitor
5) Unplug new monitor
6) hit alt-f2 and type "pkill -f gnome-screensaver"
Comment 2 Ray Strode [halfline] 2010-02-12 21:30:19 UTC 
Downstream report:
https://bugzilla.redhat.com/show_bug.cgi?id=564464
Comment 3 William Jon McCann 2010-06-21 21:19:04 UTC 
Committed some time ago.