CVE-2015-1319

The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB thumb drive.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
unity-settings-daemon
vivid
Fixed 15.04.1+15.04.20150408-0ubuntu1.2
released
utopic
ignored
trusty
Fixed 14.04.0+14.04.20150825-0ubuntu2
released
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-2741-1
https://bugs.launchpad.net/ubuntu/%2Bsource/unity/%2Bbug/1438870
http://www.ubuntu.com/usn/USN-2741-1
https://bugs.launchpad.net/ubuntu/%2Bsource/unity/%2Bbug/1438870