{ "threat_severity" : "Moderate", "public_date" : "2019-02-05T12:00:00Z", "bugzilla" : { "description" : "gnome-shell: partial lock screen bypass", "id" : "1669391", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1669391" }, "cvss3" : { "cvss3_base_score" : "4.8", "cvss3_scoring_vector" : "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-285", "details" : [ "It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.", "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3." ], "acknowledgement" : "Red Hat would like to thank Ray Strode (The GNOME Project) for reporting this issue. Upstream acknowledges Maxime Vellard as the original reporter.", "affected_release" : [ { "product_name" : "Red Hat Ansible Tower 3.5 for RHEL 7", "release_date" : "2020-04-22T00:00:00Z", "advisory" : "RHBA-2020:1539", "cpe" : "cpe:/a:redhat:ansible_tower:3.5::el7", "package" : "ansible-tower-35/ansible-tower:3.5.6-1" }, { "product_name" : "Red Hat Ansible Tower 3.6 for RHEL 7", "release_date" : "2020-04-22T00:00:00Z", "advisory" : "RHBA-2020:1540", "cpe" : "cpe:/a:redhat:ansible_tower:3.6::el7", "package" : "ansible-tower-36/ansible-tower:3.6.4-1" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "accountsservice-0:0.6.50-7.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "colord-0:1.3.4-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "control-center-1:3.28.1-6.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gdm-1:3.28.2-22.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gnome-online-accounts-0:3.28.2-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gnome-settings-daemon-0:3.28.1-8.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gnome-shell-0:3.28.3-24.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gnome-shell-extensions-0:3.28.1-11.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gnome-tweak-tool-0:3.28.1-7.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gsettings-desktop-schemas-0:3.28.0-3.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "gtk3-0:3.22.30-5.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libcanberra-0:0.30-9.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "libgweather-0:3.28.2-3.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "LibRaw-0:0.19.4-1.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "mutter-0:3.28.3-20.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "nautilus-0:3.26.3.1-7.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "osinfo-db-0:20190805-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "shared-mime-info-0:1.8-5.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "tracker-0:1.10.5-8.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-03-31T00:00:00Z", "advisory" : "RHSA-2020:1021", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "xchat-1:2.8.8-25.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20190805.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "chrome-gnome-shell-0:10.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "file-roller-0:3.28.1-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gdk-pixbuf2-0:2.36.12-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-22.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-desktop3-0:3.32.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-shell-extensions-0:3.32.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pango-0:1.42.4-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pidgin-0:2.13.0-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "plymouth-0:0.9.3-15.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "SDL-0:1.2.15-35.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "wayland-protocols-0:1.17-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "webkit2gtk3-0:2.24.3-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20190805.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "chrome-gnome-shell-0:10.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "file-roller-0:3.28.1-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gdk-pixbuf2-0:2.36.12-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-22.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-desktop3-0:3.32.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-shell-extensions-0:3.32.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "pango-0:1.42.4-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "pidgin-0:2.13.0-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "plymouth-0:0.9.3-15.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "SDL-0:1.2.15-35.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "wayland-protocols-0:1.17-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "webkit2gtk3-0:2.24.3-1.el8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-3820\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-3820\nhttps://gitlab.gnome.org/GNOME/gnome-shell/issues/851" ], "name" : "CVE-2019-3820", "csaw" : false }