Bug 1183710 - (CVE-2015-1308) CVE-2015-1308 kde-workspace: X11 clients can eavesdrop input events while screen is locked
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
low Severity low
Assigned To: Red Hat Product Security
impact=low,public=20150116,reported=2...
: Security
Depends On: 1183712
Blocks: 1183711
Reported: 2015-01-19 09:30 EST by Martin Prpič
Modified: 2016-01-21 05:06 EST

Fixed In Version: kde-workspace 4.2.0
Doc Type: Bug Fix
Last Closed: 2015-02-27 00:28:45 EST
Description Martin Prpič 2015-01-19 09:30:05 EST
The following issue was found in KDE workspace:

Overview
========

Plasma ScreenLocker daemon (ksld) as part of ksmserver grabs keyboard and mouse to ensure that no other X11 client is able to read the input while the screen is locked. All input events are sent from ksld to the greeter process showing the unlocking UI.

The vulnerability allows any X11 client (either local or remote) to gain access to all input events entered while the screen is locked.

Impact
======

Any application having access to the X server is able to sniff the user's password. An application connected to the X server might be run by a different user or even be a remote application.

Workaround
==========

To reduce the risk it's recommended to not allow X11 clients from other user accounts on the local system or remote X11 clients to connect to the X server.

On kde-workspace using the "Screen locker type" "Screen saver" instead of the default "Simple locker" can circumvent the problem.

In general disabling the screen locker also circumvents the problem.

Solution
========

For plasma-workspace upgrade to Plasma 5.1.95 or apply the following patch:

http://commits.kde.org/plasma-workspace/0ac34dca5d6a6ea8fc5c06e1dae96fb1ad4ce7c9
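
A check for the first workaround above, added here as an example and not part of the original report or the KDE advisory: it parses `xhost` output and flags every grant that lets another local account or a remote host connect to the X server. The function name `audit_xhost`, the account names and the sample output are constructed for illustration, and the policy that only the session owner's own `SI:localuser:` entry is acceptable is an assumption of this example.

```shell
#!/bin/sh
# Added example: audit `xhost` output for grants beyond the session owner.
# Assumed policy: only SI:localuser:<owner> is acceptable.

audit_xhost() {
    # $1 = session owner's login name; `xhost` output is read from stdin.
    owner=$1
    while IFS= read -r line; do
        case $line in
            "access control disabled"*)
                echo "CRITICAL: access control is off, any host can connect" ;;
            "access control enabled"*|"")
                ;;  # status line or blank line, nothing to report
            "SI:localuser:$owner")
                ;;  # the session owner's own grant
            SI:localuser:*)
                echo "WARN: other local account allowed: ${line#SI:localuser:}" ;;
            LOCAL:*)
                echo "WARN: every local account allowed: $line" ;;
            INET:*|INET6:*|SI:hostname:*|SI:ipv6:*)
                echo "WARN: remote host allowed: $line" ;;
            *)
                echo "WARN: unrecognised grant, review: $line" ;;
        esac
    done
}

# Constructed sample of `xhost` output (not captured from a real system).
SAMPLE='access control enabled, only authorized clients can connect
SI:localuser:alice
SI:localuser:bob
LOCAL:
INET:build01.example.org'

demo() { printf '%s\n' "$SAMPLE" | audit_xhost alice; }

# On a live session: xhost | audit_xhost "$(id -un)"
demo
```

This covers host-based and server-interpreted grants only; an X authority cookie copied to another account or host is not visible in `xhost` output.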
Comment 1 Martin Prpič 2015-01-19 09:30:38 EST
CVE request: http://seclists.org/oss-sec/2015/q1/153
Comment 2 Martin Prpič 2015-01-19 09:31:57 EST
Created kde-workspace tracking bugs for this issue:

Affects: fedora-all [bug 1183712]
Comment 3 Rex Dieter 2015-01-19 09:45:24 EST
I'll poke upstream to find out why kde-workspace has no fix (afaict)
Comment 4 Ngo Than 2015-01-19 10:32:50 EST
(In reply to Rex Dieter from comment #3)
> I'll poke upstream to find out why kde-workspace has no fix (afaict)

I already sent an email to Martin Gräßlin and asked him if there's a backport patch for kde-workspace. Still waiting.
Comment 5 Ngo Than 2015-01-20 06:41:43 EST
I got the reply from Martin yesterday. It seems there's no plan to provide the fix for old kde-workspace. I attached his reply.


>Hi Than,
>
>no there is no plan to back port it to kde-workspace. This would require lots 
>of work for questionable results. In particular the screen locker in kde-
>workspace allows to be quit through DBus (which is apparently considered a 
>feature). So one could just end the screen locker and start a fake locker 
>without going the complicated attack I found.
>
>Best Regards
>Martin Gräßlin
