https://bugs.kde.org/show_bug.cgi?id=484122

            Bug ID: 484122
           Summary: [Security Vulnerability] Keyboard input may not be
                    blocked by lock screen
    Classification: Plasma
           Product: kwin
           Version: 6.0.2
          Platform: Arch Linux
                OS: Linux
            Status: REPORTED
          Severity: critical
          Priority: NOR
         Component: input
          Assignee: kwin-bugs-n...@kde.org
          Reporter: unblended_icing...@simplelogin.com
  Target Milestone: ---

SUMMARY
I didn't find this bug; it was observed by a user in the Arch Linux CN group.

On resuming from hibernation there are brief moments where keyboard inputs are
not **reliably** blocked by the lock screen but are instead sent to the window
behind the lock screen. An attacker may abuse this small time window to bypass
the lock screen by using a hardware keyboard macro "loginctl unlock-session
[Enter]" if the last focused window is a terminal emulator.

STEPS TO REPRODUCE
1. Enter hibernation mode (suspend-to-disk) using the power button in
Application Launcher
2. Wake up from hibernation
3. Attempt to unlock KDE Plasma by typing the password

OBSERVED RESULT
(As described by the user who reported this bug)
On typing, some keys are not captured by KScreenLocker, and the first unlock
attempt failed because a wrong password was provided.
The user successfully unlocked the session on the second attempt, the lock
screen was dismissed, and the user found that some of the keyboard input events
not captured on the first attempt were shown in the focused text box.

EXPECTED RESULT
No keyboard input event should ever be allowed to pass through the lock screen.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: 
(available in About System)
KDE Plasma Version: 6.0.2
KDE Frameworks Version: 6.0.0
Qt Version: 6.6.2

ADDITIONAL INFORMATION
It's a Wayland session, as the user reported.
