← Back

CVE-2014-7300

nvd nist
Published: Dec 25, 2014Modified: May 6, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

Affected (5)

Gnome
1 product
Gnome Shell
Redhat
4 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Workstation
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Gnome Shell
Version 3.14.0
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Hpc Node
Version 7.0
Enterprise Linux Server
Version 7.0
Enterprise Linux Workstation
Version 7.0

Related CWEs

CWE-399
CWE-399

References (10)

Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue TrackingVendor Advisory
Source: cve@mitre.org
Issue TrackingPatch
Source: cve@mitre.org
Issue TrackingPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatch

Timeline

No history available yet.