USN-7052-1
- Source
- https://ubuntu.com/security/notices/USN-7052-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7052-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-7052-1
- Related
- Published
- 2024-10-03T05:14:22.383511Z
- Modified
- 2024-10-03T05:14:22.383511Z
- Summary
- gnome-shell vulnerabilities
- Details
-
It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. (CVE-2017-8288)
It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked. (CVE-2019-3820)
- References
Affected packages
Ubuntu:Pro:16.04:LTS / gnome-shell
Package
- Name
- gnome-shell
- Purl
- pkg:deb/ubuntu/gnome-shell?arch=src?distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.18.5-0ubuntu0.3+esm1
Affected versions
3.*
3.16.4-0ubuntu1
3.18.1-1ubuntu1
3.18.2-0ubuntu1
3.18.2-0ubuntu2
3.18.3-3ubuntu1
3.18.4-0ubuntu1
3.18.4-0ubuntu2
3.18.4-0ubuntu3
3.18.5-0ubuntu0.1
3.18.5-0ubuntu0.2
3.18.5-0ubuntu0.3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "3.18.5-0ubuntu0.3+esm1",
"binary_name": "gnome-shell"
},
{
"binary_version": "3.18.5-0ubuntu0.3+esm1",
"binary_name": "gnome-shell-common"
},
{
"binary_version": "3.18.5-0ubuntu0.3+esm1",
"binary_name": "gnome-shell-dbg"
},
{
"binary_version": "3.18.5-0ubuntu0.3+esm1",
"binary_name": "gnome-shell-dbgsym"
}
]
}