Lucene search

K
cve[email protected]CVE-2009-4997
HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4997

2022-10-0316:24:04
CWE-264
web.nvd.nist.gov
21
cve-2009-4997
gnome-power-manager
lock_on_suspend
lock_on_hibernate
screen lock
physical access
vulnerability

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.5%

gnome-power-manager 2.27.92 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. NOTE: this issue exists because of a regression that followed a gnome-power-manager fix a few years earlier.

Affected configurations

NVD
Node
gnomepower_managerMatch2.27.92

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.5%