Bug 783039 (CVE-2012-0064) - CVE-2012-0064 xkeyboard-config: screen-saver unlock via xkb debug key actions
Summary: CVE-2012-0064 xkeyboard-config: screen-saver unlock via xkb debug key actions
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2012-0064
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
: 783261 783382 (view as bug list)
Depends On: 783044 Engineering783376
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-01-19 06:13 UTC by Huzaifa S. Sidhpurwala
Modified: 2021-02-24 13:23 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-06-05 21:16:50 UTC


Attachments (Terms of Use)

Description Huzaifa S. Sidhpurwala 2012-01-19 06:13:45 UTC
It was found that XKB actions for debugging X.org clients were enabled by default. This could cause a screen locking application such as gnome-screensaver to be killed when those key combinations were triggered.

The debugging key actions were introduced in the following commit:
http://cgit.freedesktop.org/xorg/xserver/commit/?id=7d2543a3cb3089241982ce4f8984fd723d5312a1

Reference:
http://thread.gmane.org/gmane.comp.security.oss.general/6725

Mitigation:
http://thread.gmane.org/gmane.comp.security.oss.general/6725/focus=6731

Comment 2 Huzaifa S. Sidhpurwala 2012-01-19 06:19:07 UTC
This issue affects the version of xkeyboard-config as shipped with Fedora 16.

This issue does not affect the version of xkeyboard-config as shipped with Fedora 15, since the version of Xorg-x11-server does not have the relevant code to trigger the flaw.

Comment 3 Huzaifa S. Sidhpurwala 2012-01-19 06:30:55 UTC
Created xkeyboard-config tracking bugs for this issue

Affects: fedora-16 [bug 783044]

Comment 4 Huzaifa S. Sidhpurwala 2012-01-19 07:32:53 UTC
Xorg supports use of the Ctrl+Alt+Keypad-Multiply key sequence to kill clients with an active keyboard or mouse grab as well as killing any application that may have locked the server. This is disabled by default and can be enabled by adding the following line to xorg.conf:

Option "AllowClosedownGrabs" "on"

However the disabled grab support was removed in the server 1.4 development cycle. since then, the xorg.conf option had no effect (though the man page entry was removed later in the 1.6 cycle). it was re-introduced in the 1.11 development cycle, so the first version affected is 1.11.1 (Fedora-16)

In Red Hat Enterprise Linux 4 and 5 the above mentioned xorg.conf configuration directive is disabled by default, which prevents occurrence of this flaw and allows to enable this behaviour only in cases, where it is desired. The version of Xorg shipped with Red Hat Enterprise Linux 6 is not affected, because the relevant code is missing.

This issue was fixed in Fedora by removing the relevant portion of the keyboard mapping from the xfree86 config file.

Comment 5 Huzaifa S. Sidhpurwala 2012-01-19 07:58:23 UTC
This issue did NOT affect the version of xorg-x11 and xkeyboard-config in
Red Hat Enterprise Linux 4 and 5 respectively.

This issue did NOT affect the version of xkeyboard-config in
Red Hat Enterprise Linux 6.

Comment 6 Vincent Danen 2012-01-19 17:16:43 UTC
Statement:


Not vulnerable. This issue did not affect versions of xorg-x11 as shipped with Red Hat Enterprise Linux 4. This issue did not affect versions of xkeyboard-config as shipped with Red Hat Enterprise Linux 5 and 6.

Comment 7 Fedora Update System 2012-01-19 22:01:28 UTC
xkeyboard-config-2.3-3.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Kurt Seifried 2012-01-19 23:03:11 UTC
*** Bug 783261 has been marked as a duplicate of this bug. ***

Comment 11 Dave Airlie 2012-01-20 09:36:52 UTC
*** Bug 783382 has been marked as a duplicate of this bug. ***

Comment 13 Vegard Lima 2012-01-26 08:08:44 UTC
Was this supposed to fix this issue:

$ rpm -q xkeyboard-config
xkeyboard-config-2.3-3.fc16.noarch
$ qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock

Pressing Control+Alt+KeypadMultiply unlocks the screen.

Comment 14 Huzaifa S. Sidhpurwala 2012-01-26 08:17:27 UTC
(In reply to comment #13)
> Was this supposed to fix this issue:
> 
> $ rpm -q xkeyboard-config
> xkeyboard-config-2.3-3.fc16.noarch
> $ qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock
> 
> Pressing Control+Alt+KeypadMultiply unlocks the screen.

Did you re-start X after installing the updates?

Comment 15 Vegard Lima 2012-01-26 08:31:14 UTC
(In reply to comment #14)
> (In reply to comment #13)
> > Was this supposed to fix this issue:
> > 
> > $ rpm -q xkeyboard-config
> > xkeyboard-config-2.3-3.fc16.noarch
> > $ qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock
> > 
> > Pressing Control+Alt+KeypadMultiply unlocks the screen.
> 
> Did you re-start X after installing the updates?

Yes, X was restarted. Whole machine rebooted in fact.

I forgot to mention I'm using KDE.

Comment 16 Peter Hutterer 2012-01-26 22:27:08 UTC
Vegard, I need the output of "xkbcomp -xkb :0 -", your xorg.conf (if any) and whatever KDE settings you have configured for your keyboard.

Comment 17 Vegard Lima 2012-01-27 06:23:44 UTC
(In reply to comment #16)
> Vegard, I need the output of "xkbcomp -xkb :0 -", your xorg.conf (if any) and
> whatever KDE settings you have configured for your keyboard.

Aha! I was using and old xkb dump to switch "ยค" and "$" on my keyboard.
My mistake. Terribly sorry for the noise.


Note You need to log in before you can comment on or make changes to this bug.