Vulnerability Description
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Gnome-Shell | >= 43, < 43.9 |
| Fedoraproject | Fedora | 37 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/security/cve/CVE-2023-43090Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2239087Issue TrackingThird Party Advisory
- https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990ExploitIssue TrackingPatch
- https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944PatchVendor Advisory
- https://access.redhat.com/security/cve/CVE-2023-43090Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2239087Issue TrackingThird Party Advisory
- https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990ExploitIssue TrackingPatch
- https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944PatchVendor Advisory
FAQ
What is CVE-2023-43090?
CVE-2023-43090 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restric...
How severe is CVE-2023-43090?
CVE-2023-43090 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43090?
Check the references section above for vendor advisories and patch information. Affected products include: Gnome Gnome-Shell, Fedoraproject Fedora.