UBUNTU-CVE-2014-5195

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2014-5195

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-5195.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-5195

Upstream

CVE-2014-5195

Related

USN-2303-1

Published

2014-08-07T11:13:00Z

Modified

2026-04-22T09:46:48.042974Z

Severity

Ubuntu - medium

Summary

[none]

Details

Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.

References

Affected packages

Ubuntu:14.04:LTS / unity

Package

Name: unity
Purl: pkg:deb/ubuntu/unity@7.2.2+14.04.20140714-0ubuntu1.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.2+14.04.20140714-0ubuntu1.1

Affected versions

7.*

7.1.2+13.10.20131014.1-0ubuntu1

7.1.2+14.04.20131106.1-0ubuntu1

7.1.2+14.04.20131106.1-0ubuntu2

7.1.2+14.04.20131106.1-0ubuntu4

7.1.2+14.04.20131106.1-0ubuntu5

7.1.2+14.04.20140214.1-0ubuntu1

7.1.2+14.04.20140217-0ubuntu1

7.1.2+14.04.20140218.1-0ubuntu1

7.1.2+14.04.20140218.1-0ubuntu2

7.1.2+14.04.20140220-0ubuntu1

7.1.2+14.04.20140228-0ubuntu1

7.1.2+14.04.20140303-0ubuntu1

7.1.2+14.04.20140305-0ubuntu1

7.1.2+14.04.20140311-0ubuntu1

7.1.2+14.04.20140312-0ubuntu1

7.1.2+14.04.20140313-0ubuntu1

7.1.2+14.04.20140318-0ubuntu1

7.1.2+14.04.20140320.1-0ubuntu1

7.1.2+14.04.20140321-0ubuntu1

7.1.2+14.04.20140328.1-0ubuntu1

7.2.0+14.04.20140402-0ubuntu1

7.2.0+14.04.20140403-0ubuntu1

7.2.0+14.04.20140404-0ubuntu1

7.2.0+14.04.20140410-0ubuntu1

7.2.0+14.04.20140410.1-0ubuntu1

7.2.0+14.04.20140411-0ubuntu1

7.2.0+14.04.20140414.1-0ubuntu1

7.2.0+14.04.20140416-0ubuntu1

7.2.0+14.04.20140423-0ubuntu1.1

7.2.0+14.04.20140423-0ubuntu1.2

7.2.1+14.04.20140513-0ubuntu2

7.2.2+14.04.20140714-0ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libunity-2d-private0",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "libunity-core-6.0-9",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-common",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-panel",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-shell",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-2d-spread",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-autopilot",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        },
        {
            "binary_name": "unity-services",
            "binary_version": "7.2.2+14.04.20140714-0ubuntu1.1"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-5195.json"