Vulnerability Details CVE-2019-3820
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 4.6
References
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820
- https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
- https://usn.ubuntu.com/3966-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820
- https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
- https://usn.ubuntu.com/3966-1/
Products affected by CVE-2019-3820
-
cpe:2.3:a:gnome:gnome-shell:3.15.91
-
cpe:2.3:a:gnome:gnome-shell:3.15.92
-
cpe:2.3:a:gnome:gnome-shell:3.16.0
-
cpe:2.3:a:gnome:gnome-shell:3.16.1
-
cpe:2.3:a:gnome:gnome-shell:3.16.2
-
cpe:2.3:a:gnome:gnome-shell:3.16.3
-
cpe:2.3:a:gnome:gnome-shell:3.16.4
-
cpe:2.3:a:gnome:gnome-shell:3.17.1
-
cpe:2.3:a:gnome:gnome-shell:3.17.2
-
cpe:2.3:a:gnome:gnome-shell:3.17.3
-
cpe:2.3:a:gnome:gnome-shell:3.17.4
-
cpe:2.3:a:gnome:gnome-shell:3.17.90
-
cpe:2.3:a:gnome:gnome-shell:3.17.91
-
cpe:2.3:a:gnome:gnome-shell:3.17.92
-
cpe:2.3:a:gnome:gnome-shell:3.18.0
-
cpe:2.3:a:gnome:gnome-shell:3.18.1
-
cpe:2.3:a:gnome:gnome-shell:3.18.2
-
cpe:2.3:a:gnome:gnome-shell:3.18.3
-
cpe:2.3:a:gnome:gnome-shell:3.18.4
-
cpe:2.3:a:gnome:gnome-shell:3.18.5
-
cpe:2.3:a:gnome:gnome-shell:3.19.1
-
cpe:2.3:a:gnome:gnome-shell:3.19.2
-
cpe:2.3:a:gnome:gnome-shell:3.19.3
-
cpe:2.3:a:gnome:gnome-shell:3.19.4
-
cpe:2.3:a:gnome:gnome-shell:3.19.90
-
cpe:2.3:a:gnome:gnome-shell:3.19.91
-
cpe:2.3:a:gnome:gnome-shell:3.19.92
-
cpe:2.3:a:gnome:gnome-shell:3.20.0
-
cpe:2.3:a:gnome:gnome-shell:3.20.1
-
cpe:2.3:a:gnome:gnome-shell:3.20.2
-
cpe:2.3:a:gnome:gnome-shell:3.20.3
-
cpe:2.3:a:gnome:gnome-shell:3.20.4
-
cpe:2.3:a:gnome:gnome-shell:3.21.1
-
cpe:2.3:a:gnome:gnome-shell:3.21.2
-
cpe:2.3:a:gnome:gnome-shell:3.21.3
-
cpe:2.3:a:gnome:gnome-shell:3.21.4
-
cpe:2.3:a:gnome:gnome-shell:3.21.90
-
cpe:2.3:a:gnome:gnome-shell:3.21.90.1
-
cpe:2.3:a:gnome:gnome-shell:3.21.91
-
cpe:2.3:a:gnome:gnome-shell:3.21.92
-
cpe:2.3:a:gnome:gnome-shell:3.22.0
-
cpe:2.3:a:gnome:gnome-shell:3.22.1
-
cpe:2.3:a:gnome:gnome-shell:3.22.2
-
cpe:2.3:a:gnome:gnome-shell:3.22.3
-
cpe:2.3:a:gnome:gnome-shell:3.23.1
-
cpe:2.3:a:gnome:gnome-shell:3.23.2
-
cpe:2.3:a:gnome:gnome-shell:3.23.3
-
cpe:2.3:a:gnome:gnome-shell:3.23.90
-
cpe:2.3:a:gnome:gnome-shell:3.23.91
-
cpe:2.3:a:gnome:gnome-shell:3.23.92
-
cpe:2.3:a:gnome:gnome-shell:3.24.0
-
cpe:2.3:a:gnome:gnome-shell:3.24.1
-
cpe:2.3:a:gnome:gnome-shell:3.24.2
-
cpe:2.3:a:gnome:gnome-shell:3.24.3
-
cpe:2.3:a:gnome:gnome-shell:3.25.1
-
cpe:2.3:a:gnome:gnome-shell:3.25.2
-
cpe:2.3:a:gnome:gnome-shell:3.25.3
-
cpe:2.3:a:gnome:gnome-shell:3.25.4
-
cpe:2.3:a:gnome:gnome-shell:3.25.90
-
cpe:2.3:a:gnome:gnome-shell:3.25.91
-
cpe:2.3:a:gnome:gnome-shell:3.26.0
-
cpe:2.3:a:gnome:gnome-shell:3.26.1
-
cpe:2.3:a:gnome:gnome-shell:3.26.2
-
cpe:2.3:a:gnome:gnome-shell:3.27.1
-
cpe:2.3:a:gnome:gnome-shell:3.27.91
-
cpe:2.3:a:gnome:gnome-shell:3.27.92
-
cpe:2.3:a:gnome:gnome-shell:3.28.0
-
cpe:2.3:a:gnome:gnome-shell:3.28.1
-
cpe:2.3:a:gnome:gnome-shell:3.28.2
-
cpe:2.3:a:gnome:gnome-shell:3.28.3
-
cpe:2.3:a:gnome:gnome-shell:3.28.4
-
cpe:2.3:a:gnome:gnome-shell:3.29.1
-
cpe:2.3:a:gnome:gnome-shell:3.29.2
-
cpe:2.3:a:gnome:gnome-shell:3.29.3
-
cpe:2.3:a:gnome:gnome-shell:3.29.4
-
cpe:2.3:a:gnome:gnome-shell:3.29.90
-
cpe:2.3:a:gnome:gnome-shell:3.29.91
-
cpe:2.3:a:gnome:gnome-shell:3.29.92
-
cpe:2.3:a:gnome:gnome-shell:3.30.0
-
cpe:2.3:a:gnome:gnome-shell:3.30.1
-
cpe:2.3:a:gnome:gnome-shell:3.30.2
-
cpe:2.3:a:gnome:gnome-shell:3.31.2
-
cpe:2.3:a:gnome:gnome-shell:3.31.4
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.10
-
cpe:2.3:o:opensuse:leap:15.0
-
cpe:2.3:o:opensuse:leap:15.1
-
cpe:2.3:o:opensuse:leap:42.3