gnome-screensaver crashed with SIGSEGV

Bug #1152313 reported by Pablo Catalina on 2013-03-07
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gnome-screensaver (Ubuntu)
Medium
Unassigned

Bug Description

Open UrbanTerror 2
Join a Game

Wait for screensaver without doing anything.

The gnome-screensaver die.

Because the "new" gnome-screensaver is used to lock the screen it is a security vuln. A malware can use that bug to unlock the computer.

ProblemType: Crash
DistroRelease: Ubuntu 12.10
Package: gnome-screensaver 3.6.0-0ubuntu2.1
ProcVersionSignature: Ubuntu 3.5.0-26.40-generic 3.5.7.6
Uname: Linux 3.5.0-26-generic x86_64
NonfreeKernelModules: fglrx
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
CrashCounter: 1
Date: Thu Mar 7 21:20:12 2013
ExecutablePath: /usr/bin/gnome-screensaver
GnomeSessionIdleInhibited: No
GnomeSessionInhibitors: None
GsettingsGnomeSession:
 org.gnome.desktop.session idle-delay uint32 60
 org.gnome.desktop.session session-name 'ubuntu'
InstallationDate: Installed on 2012-11-02 (125 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
MarkForUpload: True
ProcCmdline: /usr/bin/gnome-screensaver --no-daemon
SegvAnalysis:
 Segfault happened at: 0x7f68832f0250: mov 0x60(%rdi),%rcx
 PC (0x7f68832f0250) ok
 source "0x60(%rdi)" (0x00000060) not located in a known VMA region (needed readable region)!
 destination "%rcx" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: gnome-screensaver
StacktraceTop:
 ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
Title: gnome-screensaver crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip disk kismet libvirtd lpadmin plugdev sambashare src sudo vboxusers

Pablo Catalina (xkill) wrote :

StacktraceTop:
 _gdk_device_translate_axis (device=device@entry=0x0, index_=index_@entry=0, value=0, axis_value=axis_value@entry=0x0) at /build/buildd/gtk+3.0-3.6.0/./gdk/gdkdevice.c:1595
 translate_axes (device=0x0, x=-21, y=0, window=0x21485a0, valuators=valuators@entry=0x23b9490) at /build/buildd/gtk+3.0-3.6.0/./gdk/x11/gdkdevicemanager-xi2.c:894
 gdk_x11_device_manager_xi2_translate_event (xevent=<optimized out>, event=<optimized out>, display=<optimized out>, translator=<optimized out>) at /build/buildd/gtk+3.0-3.6.0/./gdk/x11/gdkdevicemanager-xi2.c:1379
 gdk_x11_device_manager_xi2_translate_event (translator=<optimized out>, display=<optimized out>, event=<optimized out>, xevent=<optimized out>) at /build/buildd/gtk+3.0-3.6.0/./gdk/x11/gdkdevicemanager-xi2.c:1101
 _gdk_x11_event_translator_translate (translator=translator@entry=0x2121320, display=0x213c020, xevent=xevent@entry=0x7fff09c83df0) at /build/buildd/gtk+3.0-3.6.0/./gdk/x11/gdkeventtranslator.c:51

Changed in gnome-screensaver (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

information type: Private Security → Public
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-screensaver (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers