CVE-2009-4997

gnome-power-manager 2.27.92 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532.  NOTE: this issue exists because of a regression that followed a gnome-power-manager fix a few years earlier.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
gnomepower_manager
2.27.92
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnome-power-manager
bullseye
3.32.0-2
fixed
bookworm
43.0-1
fixed
sid
43.0-2
fixed
trixie
43.0-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnome-power-manager
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
ignored
Common Weakness Enumeration
References
https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/42052
https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/428115
https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/42052
https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/428115