CVE-2015-7496

gdm: Crash when holding Escape in log screen

Severity Score

4.3

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.

GNOME Display Manager (gdm) en versiones anteriores a 3.18.2 permite a atacantes físicamente próximos eludir la pantalla de bloqueo manteniendo pulsada la tecla Escape.

It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen.

The GNOME Display Manager provides the graphical login screen shown shortly after boot up, log out, and when user-switching. The following packages have been upgraded to a later upstream version: gdm, gnome-session. Security Fix: It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen.

*Credits: N/A

CVSS Scores

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-09-29 CVE Reserved
2015-11-24 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls
CWE-364: Signal Handler Race Condition

CAPEC

References (8)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2015/11/17/10	Mailing List
http://www.openwall.com/lists/oss-security/2015/11/17/8	Mailing List
https://bugzilla.gnome.org/show_bug.cgi?id=758032	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC
https://download.gnome.org/sources/gdm/3.18/gdm-3.18.2.news	2018-01-05

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172328.html	2018-01-05
https://access.redhat.com/errata/RHSA-2017:2128	2018-01-05
https://access.redhat.com/security/cve/CVE-2015-7496	2017-08-01
https://bugzilla.redhat.com/show_bug.cgi?id=1283279	2017-08-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				23 Search vendor "Fedoraproject" for product "Fedora" and version "23"		-		Affected
Gnome Search vendor "Gnome"		Gnome Display Manager Search vendor "Gnome" for product "Gnome Display Manager"				<= 3.18.0 Search vendor "Gnome" for product "Gnome Display Manager" and version " <= 3.18.0"		-		Affected