Screen contents revealed briefly on resume, before even unlocking

Bug #1532508 reported by Nicolas_Raoul
824
This bug affects 199 people
Affects Status Importance Assigned to Milestone
GNOME Shell
New
Unknown
Mutter
New
Unknown
gnome-shell (Debian)
Confirmed
Unknown
gnome-shell (Ubuntu)
Confirmed
High
Unassigned
Nominated for Xenial by Marco Trevisan (Treviño)
unity (Ubuntu)
Fix Released
High
Andrea Azzarone
Nominated for Xenial by Marco Trevisan (Treviño)
Xenial
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

When lock is enabled, the screen doesn't get blank/covered by lockscreen before suspending, thus on early resume the content might be shown.

Video showing the bug: https://youtu.be/dDOgtK1MldI

Reproduced on Ubuntu 2015.10, Ubuntu 2014.04

[Test case]

1. Work on highly secret files
2. Close the lid of your laptop and go have a break
3. Anyone who opens the lid of the laptop can see the secret files for a half second before the lock screen appears

[Possible Regression]

Content on screen isn't painted anymore and screen stays black.

Related branches

CVE References

information type: Private Security → Public Security
Changed in unity (Ubuntu):
status: New → Confirmed
Revision history for this message
Andrea Azzarone (azzar1) wrote :

This is actually due to a graphic driver issue that we cannot workaround in unity. In xenial we reduced a bit the problem but we cannot completely remove it.

Revision history for this message
Wise Melon (wise-melon-deactivatedaccount) wrote :

I can reproduce this issue in Ubuntu GNOME 16.04 with GNOME 3.20. Should updating the graphics driver fix the issue?

Changed in ubuntu-gnome:
status: New → Confirmed
Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Revision history for this message
sunox (sunox9) wrote :

I experience this only when using compton compositor. This is on a Thinkpad T430 running Xubuntu 16.04.

Revision history for this message
Rael Gugelmin Cunha (rael-gc) wrote :

Started to happen to me on Ubuntu 16.04.2 with Intel graphics too (Dell Precision M3800). I was using 16.04 and then made a fresh install of 16.04.2

Nybo (renenybo)
information type: Public Security → Private Security
information type: Private Security → Public Security
tags: added: trusty wily xenial
Changed in gnome-shell (Debian):
status: Unknown → Confirmed
Changed in gnome-shell:
importance: Unknown → Medium
status: Unknown → In Progress
Changed in gnome-shell (Ubuntu):
importance: Undecided → High
Changed in unity (Ubuntu):
importance: Undecided → High
tags: added: zesty
Andrea Azzarone (azzar1)
Changed in unity (Ubuntu):
assignee: nobody → Andrea Azzarone (azzar1)
status: Confirmed → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 7.5.0+17.10.20170925.1-0ubuntu1

---------------
unity (7.5.0+17.10.20170925.1-0ubuntu1) artful; urgency=medium

  [ Andrea Azzarone ]
  * Fix build issues with gcc-7 and g++-7
  * Refactor the way UserAuthenticator is created and passed around.
    Handle failures to create new threads and fallback to a "Switch to
    greeter..." button in case of failure. (LP: #1311316)
  * Wait until the color buffer is cleared before suspending. (LP:
    #1532508)

  [ Marco Trevisan (Treviño) ]
  * Tests: split unit tests in single binaries, enable unstable tests
  * debian/rules: ignore warnings in armhf and ppc64el

 -- Marco Trevisan (Treviño) <mail@3v1n0.net> Mon, 25 Sep 2017 16:05:06 +0000

Changed in unity (Ubuntu):
status: In Progress → Fix Released
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Nicolas_Raoul, or anyone else affected,

Accepted unity into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unity/7.4.5+16.04.20171116 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unity (Ubuntu Xenial):
status: New → Fix Committed
tags: added: verification-needed verification-needed-xenial
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Hello Nicolas_Raoul, or anyone else affected,

Accepted unity into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unity/7.4.5+16.04.20171201.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
ventrical (dale-f-beaudoin) wrote : Re: Screen shown briefly after opening closed laptop lid, before even unlocking

not here..

tags: added: unlock
tags: added: resume
Changed in gdm3 (Ubuntu):
status: New → Confirmed
importance: Undecided → High
summary: - Screen shown briefly after opening closed laptop lid, before even
- unlocking
+ Screen contents revealed briefly on resume, before even unlocking
Changed in gnome-shell (Fedora):
importance: Unknown → High
status: Unknown → In Progress
Revision history for this message
Wise Melon (wise-melon-deactivatedaccount) wrote :

I hadn't noticed this bug in a while. And then suddenly yesterday (on Arch Linux) it appeared!

Revision history for this message
Doug McMahon (mc3man) wrote :

fine now in unity 7.4.5+16.04.20171201.3

tags: added: verification-done-xenial
removed: verification-needed-xenial
Doug McMahon (mc3man)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.4 KiB)

This bug was fixed in the package unity - 7.4.5+16.04.20171201.3

---------------
unity (7.4.5+16.04.20171201.3) xenial; urgency=medium

  [ Marco Trevisan (Treviño) ]
  * InputMonitor: add an unity class that monitors XInput2 events and
    converts them to XEvent
  * EdgeBarrierController: use InputMonitor to get the barrier events
    instead of relying on its implementation
  * DecorationsMenuLayout: use input monitor for menu scrubbing (LP:
    #1614597)
  * PanelView: use InputMonitor to track menu events
  * LockScreenPanel: use InputMonitor events instead of mouse polling
    for menu scrubbing
  * MenuManager: add support for mouse trackers with triangle algorithm
    support (LP: #1618405)
  * PanelView: scale gradient refinement properly
  * PanelService: don't allow to deactivate menus if they've been opened
    too shortly
  * LockScreenController: ignore icon_paths_changed signal in
    menumanager for Lockscreen
  * LockScreenController: use InputMonitor to get all the events and
    hide the Blank Window (LP: #1321075)
  * LockScreenController: use input monitor to get the events to switch
    monitor (LP: #1316862)
  * LauncherOptions: use track_obj to manage option changes (LP:
    #1622995)
  * UnityScreen: toggle gestures recognition on lock (LP: #1645507)
  * GnomeSessionManager: add gcancellable to instance and use it for
    calls with temporary proxies
  * BackgroundSettings: use gnome-bg to generate textures with proper
    scaling (LP: #1666359)
  * UnityWindow: safely check validity of UnityWindow from scaled one
    (LP: #1659847)
  * Panel: ensure the menu-manager tracker is updated to match monitor
    (LP: #1671432)
  * compiz-profile-setter: tool to update the current profile and use in
    systemd and Unity settings (LP: #1668950)
  * BGHash, UnityScreen: get desktop averageColor from compiz
  * Launcher: disable or reduce most icon effects on lowgfx (LP:
    #1700859)
  * PanelController: ensure we disconnect from signals on destruction
    (LP: #1504870)
  * tools: add migration script to set the default values for unity-
    lowgfx profile

  [ Andrea Azzarone ]
  * Properly handle the file manager copy dialog in
    FileManagerLauncherIcon and in StorageLauncherIcon. (LP: #1575452,
    LP: #1609845)
  * Correctly position the force quit dialog when scaling is different
    than 1.0 (LP: #1637991)
  * GnomeSession: Retrieve the session id using dbus if $XDG_SESSION_ID
    is not set
  * Round gtk scaling factor to closest integer. (LP: #1649736)
  * Keep the screen locked if rebooting with autologin. (LP: #1600389)
  * Use g_mkdir_with_parents instead of mkdir.
  * Lockscreen: always draw the background-color in the lockscreen (LP:
    #1702701)
  * Refactor the way UserAuthenticator is created and passed around.
    Handle failures to create new threads and fallback to a "Switch to
    greeter..." button in case of failure. (LP: #1311316)
  * Wait until the color buffer is cleared before suspending. (LP:
    #1532508)

  [ Kai-Heng Feng ]
  * UnitySettings: If scale-factor is not set, find and set right scale
    for HiDPI displays.

  [ Eleni Maria Stea ]
  * shouldn't create blur rectangles when there's ...

Read more...

Changed in unity (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote : Update Released

The verification of the Stable Release Update for unity has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Juha Luoma (jsluoma) wrote :

I'm still seeing this bug with fully updated 16.04. Machine is HP EliteBook G2, Intel graphics, external display attached via dock's displayport interface.

unity 7.4.5+16.04.20180221-0ubuntu1

Revision history for this message
wysiwyg31 (wysiwyg31) wrote :

also visible on 18.04 (XPS13 9370)

Revision history for this message
Cezanne Vahid (cezhunter) wrote :

Also experiencing this bug on 18.04 (XPS13 9370)

Revision history for this message
Cezanne Vahid (cezhunter) wrote :

Confirmed that this bug occurs when the user has Automatic Screen Lock turned off in Privacy settings.

Revision history for this message
Nicolas_Raoul (nicolas-raoul) wrote :

Original poster here, I confirm the bug is still present in 18.04 (work on secret files -> close laptop lid -> anyone opening the lid can sometimes see the content even without unlocking) although it happens much less frequently than in 16.04 in my personal experience.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

This bug is still open for 18.04 as indicated by:

gnome-shell (Ubuntu) Confirmed

Revision history for this message
J3K (j3k-2004) wrote :

Still experiencing this bug in Ubuntu Budgie 18.04. Shows the last (pre-hibernate) screen for a brief instant on wake, before displaying the login screen.

Revision history for this message
Thorsten (thorstenr-42) wrote :

for me this bug is only happening in 18.04 when using the X session and does not occur when using wayland

Revision history for this message
Pedro Côrte-Real (pedrocr) wrote :

I also confirm this on 18.04

Revision history for this message
Florian Sinatra (florian.sinatra) wrote :

I'm also experiencing this bug on kubuntu 18.04.

Revision history for this message
Seth Arnold (seth-arnold) wrote :

Florian, please file a new bug against whatever packages kubuntu uses for screen locking for this.

Thanks

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Gnome Shell was just fixed, but it was tracked as bug 1768786. So I'm going to remove the gnome-shell tasks from here

no longer affects: gnome-shell (Fedora)
no longer affects: gdm3 (Ubuntu)
no longer affects: gnome-shell (Ubuntu)
Revision history for this message
Thorsten (thorstenr-42) wrote :

this bug still occurs for me on ubuntu 18.04 using gdm 3.28.2 and gnome-shell 3.28.2. However, my laptop (x1 carbon gen6) only supports S0i3 (activated with the kernel parameter "acpi.ec_no_wakeup=1") and not s3. So is it possible that this bug is only fixed for S3? It does not occur when using wayland.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

It would be strange to keep this older bug open after having declared it fixed in the newer bug 1768786. If you want to do that then OK (re-add the gnome-shell task). But it might be a better idea to log a new bug (run: ubuntu-bug gnome-shell). That way we can track the details of affected systems and have a chance of closing some peoples' bug reports as fixed without contradicting others for whom it's still a problem.

Revision history for this message
Thorsten (thorstenr-42) wrote :

oky i will create a new bug report

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

OK. Reopening this bug for gnome-shell. Despite the fact that bug 1768786 declared it fixed, we now have at least three reports that it is not fixed for gnome-shell:
  * https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1532508/comments/25
  * https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1428307/comments/3
  * bug 1806983

Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Changed in gdm3 (Ubuntu):
status: New → Confirmed
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Make that four reports, including bug 1800426.

Changed in gnome-shell (Ubuntu):
importance: Undecided → High
Changed in gdm3 (Ubuntu):
importance: Undecided → High
Revision history for this message
Marco (dolland) wrote :

My report (1806983) is slightly different and more problematic: when the bug occurs, the interface, the app bar now keeps beeing buggy until I reboot and the unlock interface doesn't shows at all even if I re-put on suspend and re-resume.
I had the "desktop showed for one second" bug but it this case I have the "lock screen not showed at all" one

Revision history for this message
Daniel van Vugt (vanvugt) wrote :
Revision history for this message
Bill Billson Billingham (billbillbill) wrote :

I am experiencing this on Thinkpad T460s running 64 bit Ubuntu 18.04.1 (4.15.0-42-generic) with Gnome 3.28.2, utilizing Intel® Core™ i7-6600U CPU @ 2.60GHz × 4, Intel® HD Graphics 520 (Skylake GT2)

I was not experiencing this problem on the same machine running 16.04, and only started experiencing it after upgrading to 18.04

Revision history for this message
Wes (wesinator) wrote :

Still experiencing this with Bionic gnome-shell 3.28.3-0ubuntu0.18.04.3

I was actually able to move the mouse for a second before the lock screen appeared.

Revision history for this message
PeterPall (peterpall) wrote :

On my machine (disco/gnome on Wayland) it also still appears.
But something has changed: a few months ago the screen contents was visible on each resume. Now it makes a difference if the computer suspended due to a lack of activity (in this case the computer seems to always only lock the screen. A few seconds after resuming), due to me pressing the "suspend" key (in this case the screen either locks quickly on resume or is already locked in resume) or due to closing the laptop lid: in the latter case if I open my laptop the screen is already locked

tags: added: cosmic disco
tags: removed: verification-done
Revision history for this message
PeterPall (peterpall) wrote :

On my machine (Disco/Gnome on Wayland) the problem still happens. But the fix has changed something because it no more happens all the time but only for the right suspend reasons.

Revision history for this message
Dan Dascalescu (ddascalescu+launchpad) wrote :

I still see this issue in a configuration very similar to comment #33:

* ThinkPad X1 Carbon 6th Gen with integrated Intel Graphics
* Ubuntu 18.04.1 fresh install

Revision history for this message
Artem Mikhmel (amikhmel) wrote :

Still having the same issue:
Linux DEll-XPS15 4.16.7-041607-generic #201805021131 SMP Wed May 2 15:34:55 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Ubuntu 18.04.1 LTS

Revision history for this message
Thorsten (thorstenr-42) wrote :

I also still have this issue with the default 18.04.1 version. However, i installed a newer mesa version (which also upgrades a bunch of other dependencies) using the padoka stable ppa and since then the issue is gone.

Revision history for this message
Jason Bassett (jbassett-v) wrote :

Also affecting my Ubuntu 16.04 LTS laptop, all updates installed.

Revision history for this message
Dan Kortschak (dan-kortschak) wrote :

Still present in 18.04.2.

tags: added: bionic
removed: wily zesty
Revision history for this message
Nicolas_Raoul (nicolas-raoul) wrote :

Original poster here.

I switched to 19.04 (disco) in April, and I have never seen this bug again since (default window manager and everything).

Revision history for this message
PeterPall (peterpall) wrote :

In 19.10 the problem seems to be gone, too. But I once whilst cleaning my keyboard got a glimpse on the locked screen => There might be a more subtle bug, still.

tags: removed: cosmic
tags: removed: trusty
Revision history for this message
Sean (gaudinvisible) wrote :

Can confirm I am getting this on 19.04 ubuntu budgie and am up to date

Revision history for this message
rubo77 (rubo77) wrote :

I don't agree with PeterPall! On my Ubuntu 19.10 Laptop, I still got the screen visible after suspend due to lid-close for a glimpse of a moment

The bug is still open.

A solution to this security issue would be to set the action on lid-close to "lock" instead of "suspend", see: https://askubuntu.com/questions/1200456/on-awake-the-unlocked-desktop-shows-for-a-blink-moment

Does someone know a workaround in Ubuntu 19.10 with still using the "suspend" option?

Revision history for this message
Tom Reynolds (tomreyn) wrote :

Watch existing bug on GNOME Gitlab. Previously, this was https://bugzilla.gnome.org/show_bug.cgi?id=753678

Changed in gnome-shell:
importance: Medium → Unknown
status: In Progress → Unknown
Changed in gnome-shell:
status: Unknown → New
tags: removed: disco
tags: added: focal
Revision history for this message
Cristiano Fraga G. Nunes (cfgnunes) wrote :

I use Ubuntu 20.04.1 (focal), and I have the same problem. I confirm this bug.

Changed in gnome-shell:
status: New → Unknown
tags: removed: xenial
Revision history for this message
^rooker (rooker) wrote :

I can also confirm this (Xubuntu 20.04.2).
Hardware is a HP Probook 430 G6.

lspci says this about the graphics card:
"Intel Corporation UHD Graphics 620"

Thanks in advance!

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

This bug does not appear to be related to Xfce, yet. If it does happen in Xubuntu then please add a new task at the top of the page.

Revision history for this message
jeejah42 (jeejah42) wrote (last edit ):

This bug also appears in Ubuntu Budgie 20.04.2 LTS (Focal Fossa).

```
$ lspci |fgrep -i graphics
00:02.0 VGA compatible controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated Graphics Controller (rev 21)
$ fgrep -i xorg-server /var/log/Xorg.0.log
[ 3078.717] xorg-server 2:1.20.11-1ubuntu1~20.04.2 (For technical support please see http://www.ubuntu.com/support)
$
```

Revision history for this message
Ubuntu QA Website (ubuntuqa) wrote :

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/1532508

tags: added: iso-testing
Revision history for this message
omid.1985 (omid-1985) wrote :

Why no one treats this bug as a major security issue with a priority? This bug exposes sensitive information before even unlocking the computer.

I can confirm this bug on Ubuntu 21.04.

Revision history for this message
Seth Arnold (seth-arnold) wrote :

omid, this bug report covers too many unrelated packages to be useful at this point.

If you're still seeing desktop contents during resume with a currently supported version of Ubuntu, please file a new bug report with details on the specific packages you're using and steps to reproduce the issue. There's no guarantee that it can be addressed but a new bug report with one specific configuration has a chance. Bug reports are free. Specific bugs can get fixed. Bugs that collect a bunch of unrelated things are rarely fixed, there's just too much noise to find anything useful.

Because this bug (among several related bugs) returns in one or more screenlocker / desktop environment every year or two, the reliable answer is to always manually lock the screen before walking away from the computer.

Thanks

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

I don't think we need new bug reports about this. I've just fixed the concern about "unrelated packages" by removing the irrelevant tasks at the top of the page. Only the gnome-shell task remains open.

What we really need here is clear instructions for how to reproduce the bug in GNOME using a recent Ubuntu release.

no longer affects: gdm3 (Ubuntu)
affects: ubuntu-gnome → mir
no longer affects: mir
tags: added: hirsute
Revision history for this message
Free Beachler (tenacious) wrote : Re: [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

From the investigation I performed earlier this week, this issue appears to
go back at least 10 years. The original report against Ubuntu 16 has a
video that demonstrates the problem clearly. It should suffice as steps to
reproduce.

On Thu, Sep 2, 2021 at 8:11 PM Daniel van Vugt <email address hidden>
wrote:

> I don't think we need new bug reports about this. I've just fixed the
> concern about "unrelated packages" by removing the irrelevant tasks at
> the top of the page. Only the gnome-shell task remains open.
>
> What we really need here is clear instructions for how to reproduce the
> bug in GNOME using a recent Ubuntu release.
>
> ** No longer affects: gdm3 (Ubuntu)
>
> ** Project changed: ubuntu-gnome => mir
>
> ** No longer affects: mir
>
> ** Tags added: hirsute
>
> --
> You received this bug notification because you are subscribed to a
> duplicate bug report (1935690).
> https://bugs.launchpad.net/bugs/1532508
>
> Title:
> Screen contents revealed briefly on resume, before even unlocking
>
> Status in GNOME Shell:
> Unknown
> Status in gnome-shell package in Ubuntu:
> Confirmed
> Status in unity package in Ubuntu:
> Fix Released
> Status in unity source package in Xenial:
> Fix Released
> Status in gnome-shell package in Debian:
> Confirmed
>
> Bug description:
> [Impact]
>
> When lock is enabled, the screen doesn't get blank/covered by
> lockscreen before suspending, thus on early resume the content might
> be shown.
>
> Video showing the bug: https://youtu.be/dDOgtK1MldI
>
> Reproduced on Ubuntu 2015.10, Ubuntu 2014.04
>
> [Test case]
>
> 1. Work on highly secret files
> 2. Close the lid of your laptop and go have a break
> 3. Anyone who opens the lid of the laptop can see the secret files for a
> half second before the lock screen appears
>
> [Possible Regression]
>
> Content on screen isn't painted anymore and screen stays black.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions
>
>

--
This electronic mail (including any attachments) may contain information
that is privileged, confidential, and/or otherwise protected from
disclosure to anyone other than its intended recipient(s). Any
dissemination or use of this electronic mail or its contents (including any
attachments) by persons other than the intended recipient(s) is strictly
prohibited. If you have received this message in error, please notify me
immediately by reply e-mail so that I may correct my records, then please
delete the original message (including any attachments) in its entirety.
Thank you.

Revision history for this message
Johannes (jlemonde) wrote (last edit ):

I am affected, although not every time I resume my laptop. Perhaps 10 % of the times, and possibly with more likelihood if my laptop has been suspended for a while. I've never observed the bug when resuming only seconds after closing the lid; one has to wait longer.

I haven't yet found how to reproduce this bug in a repeatable manner.
Have you got clues? or do you want me to upload some logs (tell me which logs)?

PS: Using Ubuntu 21.04 with GNOME 3.38. I use to put my computer in suspend mode by using a custom keyboard shortcut triggering `systemctl suspend`.

Revision history for this message
Marius Gedminas (mgedmin) wrote :

I've seen this three times now on Ubuntu 21.10 (GNOME 40). I don't recall ever seeing it on Ubuntu 20.10.

tags: removed: hirsute
Revision history for this message
Free Beachler (tenacious) wrote (last edit ):

This issue has evolved into a monster! It's now a pile of dupes of this report, an epic saga that stretches back over a decade, and more than one false claim of repair. Perhaps the steps to reproduce and/or acceptance criteria weren't accurate.

On top of it -- the screen lock + suspend functionality is broken on Ubuntu 18+, 20+. For years I've experienced a lock screen that requires a double-unlock -- with each unlock screen apparently driven by a different manager (is one X and another gnome?). Then after the double-unlock I find all GUI apps have been killed. Meanwhile dmesg and syslog have nothing to show for it. Multiple bug reports and SO threads have also reported this, with more faux 'solutions' and 'workarounds', similar to this report.

I think Team Ubuntu is unawares of the terrible state of the broken suspend and lockscreen "features". If the Team is aware of these issues and continues to promote Ubuntu non-headless as "ready for the enterprise", then somebody should call Houston and let them know we've got a problem. Some/all users cannot use suspend because they risk losing work, which means increased risk of losing work due to battery discharge. My laptop has become an always-on workstation thanks to Ubuntu, and I'm constantly guarding against loss of work while using Ubuntu.

So now, engineers and professionals that choose Ubuntu can expect a workstation with an insecure lock screen and battery-drain from unusable suspend. In other words, Ubuntu OS isn't ready for the enterprise, unless it's headless.

If there were some decent writeups on how "community members" can go from getting-started developing for Ubuntu to the more-advanced topics of fixing problems like this, then maybe this wouldn't be such a terrible situation.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

If us developers could reproduce the problem ourselves then we probably would have already fixed it.

If anyone has instructions on how to reproduce the problem in gnome-shell then please write them here.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Actually maybe keep that conversation in https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/3294 where all the gnome-shell developers can see it.

Revision history for this message
Francois Thirioux (fthx) wrote :

These days I have seen this bug at least twice in Jammy, using Wayland.

Changed in mutter:
status: Unknown → New
Changed in gnome-shell:
status: Unknown → New
tags: added: lunar
Revision history for this message
Ralf Dünkelmann (ooocp) wrote :

Hi there,

I am using ubuntu budgie 22 on a tuxedo laptop and can reproduce reveiling of content when I lock the screen and connect to an external monitor afterwards. When connecting the monitor the lower part of the screen is reveiled shortly. When disconnecting the monitor, the upper part reveils (and stays visible). Everything before typing the password.

Revision history for this message
Free Beachler (tenacious) wrote :

To a non-maintainer-but-longtime-user, it appears that the lock screen
implementation in Gnome (or whatever OS stack) is completely broken -> it
isn't secure, breaks NVIDIA drivers, inexplicably shows a different
rendition (version) of the lockscreen in some cases, and doesn't work with
popular screen savers from the Software manager.

But I suppose it all works for some people.

On Fri, Mar 24, 2023 at 2:15 AM Ralf Dünkelmann <email address hidden>
wrote:

> Hi there,
>
> I am using ubuntu budgie 22 on a tuxedo laptop and can reproduce
> reveiling of content when I lock the screen and connect to an external
> monitor afterwards. When connecting the monitor the lower part of the
> screen is reveiled shortly. When disconnecting the monitor, the upper
> part reveils (and stays visible). Everything before typing the password.
>
> --
> You received this bug notification because you are subscribed to a
> duplicate bug report (1935690).
> https://bugs.launchpad.net/bugs/1532508
>
> Title:
> Screen contents revealed briefly on resume, before even unlocking
>
> Status in GNOME Shell:
> New
> Status in Mutter:
> New
> Status in gnome-shell package in Ubuntu:
> Confirmed
> Status in unity package in Ubuntu:
> Fix Released
> Status in unity source package in Xenial:
> Fix Released
> Status in gnome-shell package in Debian:
> Confirmed
>
> Bug description:
> [Impact]
>
> When lock is enabled, the screen doesn't get blank/covered by
> lockscreen before suspending, thus on early resume the content might
> be shown.
>
> Video showing the bug: https://youtu.be/dDOgtK1MldI
>
> Reproduced on Ubuntu 2015.10, Ubuntu 2014.04
>
> [Test case]
>
> 1. Work on highly secret files
> 2. Close the lid of your laptop and go have a break
> 3. Anyone who opens the lid of the laptop can see the secret files for a
> half second before the lock screen appears
>
> [Possible Regression]
>
> Content on screen isn't painted anymore and screen stays black.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions
>
>

--
This electronic mail (including any attachments) may contain information
that is privileged, confidential, and/or otherwise protected from
disclosure to anyone other than its intended recipient(s). Any
dissemination or use of this electronic mail or its contents (including any
attachments) by persons other than the intended recipient(s) is strictly
prohibited. If you have received this message in error, please notify me
immediately by reply e-mail so that I may correct my records, then please
delete the original message (including any attachments) in its entirety.
Thank you.

Revision history for this message
Ralf Dünkelmann (ooocp) wrote (last edit ):

with an Eizo monitor connected externally when ubuntu is "on lock", I can unlock my Laptop completely without typing a password.

This isn't just a bug.

Please contact me, even directly through my IRC or mail, if you need video and help.

Revision history for this message
nem000 (nem000) wrote :

Have the exact same problem as originally reported using a Lenovo Thinkpad T480s and Ubuntu 22.10 when I close and re-open my laptop.
Very annoying and I can't believe this bug seems to be so old and has survived for so many years!

Revision history for this message
Seth Arnold (seth-arnold) wrote :

nem000 I'm sure I've seen this bug fixed a dozen times in the last fifteen years or something. It's just a popular bug to re-implement. Please file a bug with 'ubuntu-bug gnome-shell' if you're using Gnome; replace 'gnome-shell' with whatever screenlocker you're using if you're on a different environment.

Thanks

Revision history for this message
nem000 (nem000) wrote :

Hi Seth, thanks for the info! I just filed a bug with "ubuntu-bug" (using it the first time so I hope I did it right).
Thanks for your hard work!

tags: added: kinetic
Revision history for this message
Ralf Dünkelmann (ooocp) wrote :

Hi Seth, hi nem000,

the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created was marked as a duplicate of this one. This is the case for most of the related bugs listed here. So it seems that this here is the issue to go ahead with?

Revision history for this message
Seth Arnold (seth-arnold) wrote :

On Mon, Apr 03, 2023 at 06:57:36AM -0000, Ralf Dünkelmann wrote:
> the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created
> was marked as a duplicate of this one. This is the case for most of the
> related bugs listed here. So it seems that this here is the issue to go
> ahead with?

Heh, yeah, I'as surprised, I figured keeping newer implementations of
this flaw separate from the older ones would have been the thing to do.

FWIW I've been handing out the "the only safe thing to do is to lock your
workstation before you walk away from it / suspend it" as advice for
twenty years...

Thanks

Revision history for this message
Ralf Dünkelmann (ooocp) wrote :

Hi Seth,

if only it would be that easy.

Suspending and locking does not circumvent the problem. The only way to be safe is shutting down on leave and newly boot on return.

Ubuntu is not safe here. This is a major vulnerability.

I love Ubuntu and appreciate all your work. I am a user only and if I can help, let me know.

tags: added: mantic
removed: kinetic
tags: removed: mantic
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.