CVE-2015-7496Signal Handler Race Condition in Display Manager

CWE-264CWE-364Signal Handler Race Condition8 documents7 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 76.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Gnome Display ManagerFedoraproject Fedora
Timeline
PublishedNov 24
Latest updateMay 14

Description

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

Also affects: Fedora 23

Patches

Patch: download.gnome.orgPatch: download.gnome.org

🔴Vulnerability Details

3
GHSA
GHSA-qwh9-f2h4-mw38: GNOME Display Manager (gdm) before 32022-05-14
OSV
CVE-2015-7496: GNOME Display Manager (gdm) before 32015-11-24
CVEList
CVE-2015-7496: GNOME Display Manager (gdm) before 32015-11-24

📋Vendor Advisories

2
Red Hat
gdm: Crash when holding Escape in log screen2015-11-12
Debian
CVE-2015-7496: gdm3 - GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers ...2015

💬Community

2
Bugzilla
CVE-2015-7496 gdm: Crash when holding Escape in log screen [fedora-all]2015-11-18
Bugzilla
CVE-2015-7496 gdm: Crash when holding Escape in log screen2015-11-18
CVE-2015-7496 — Signal Handler Race Condition | cvebase