Critical security control bypass (lock screen)

Next info provided on behalf of Crytek CERT:

Due to bug in screenlock implementation in latest Ubuntu 16.04.1 LTS, it is possible to crash screenlock with a short timeslot in ~1.5 seconds, during which you can interact with programs on desktop.

Requirements:
  2 languages (EN, RU)
  Language switch shortcut: LCtrl+LShift

Steps to reproduce:
  Lock screen with Super+L
  Press LCtrl+LShift to switch language, and during crash of screenlock, right click on desktop to hover context menu - this will expand timeslot up to 3 seconds

Additional info with all available logs will be added.
---
.tmp.unity_support_test.1:

ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins'
CompositorRunning: compiz
CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0'
CompositorUnredirectFSW: true
DistUpgraded: Fresh install
DistroCodename: xenial
DistroRelease: Ubuntu 16.04
DistroVariant: ubuntu
EcryptfsInUse: Yes
GraphicsCard: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter [80ee:beef] (prog-if 00 [VGA controller])
InstallationDate: Installed on 2016-08-09 (0 days ago)
InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
Lsusb:
 Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
 Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
Package: unity 7.4.0+16.04.20160715-0ubuntu1
PackageArchitecture: amd64
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-34-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash
ProcVersionSignature: Ubuntu 4.4.0-34.53-generic 4.4.15
Renderer: Software
Tags: xenial xenial xenial ubuntu compiz-0.9
Uname: Linux 4.4.0-34-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

_MarkForUpload: True
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
version.compiz: compiz 1:0.9.12.2+16.04.20160714-0ubuntu1
version.ia32-libs: ia32-libs N/A
version.libdrm2: libdrm2 2.4.67-1ubuntu0.16.04.1
version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2.1
version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2.1
version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2.3
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1
version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20160325-1ubuntu1
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.12-1build2