Keyboard Focus Bypass Vulnerability in Unity

Keyboard Focus Bypass Vulnerability in Unity

CVE-2014-5195 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the lock screen by (1) leveraging a machine that had text selected when locking or (2) resuming from a suspension.

Learn more about our Cis Benchmark Audit For Ubuntu Linux.