Linux Mint fixes screensaver bypass discovered by two kids
1 min read
Jan 18, 2021
The Linux Mint project has patched a security flaw discovered by two kids that could have allowed a threat actor to bypass the OS screensaver and its password and access locked desktops. Linux Mint is now working on adding a setting that will let users disable the on-screen keyboard, which would make mitigating future bugs in this component easier until patches are generally available.
This particularly nasty security flaw was discovered by two kids playing on their dad's computer, according to a bug report on GitHub.
"A few weeks ago, my kids wanted to hack my Linux desktop, so they typed and clicked everywhere while I was standing behind them looking at them play," wrote a user identifying themselves as robo2bobo.
According to the bug report, the two kids pressed random keys on both the physical and on-screen keyboards, which eventually led to a crash of the Linux Mint screensaver, allowing the two access to the desktop.
"I thought it was a unique incident, but they managed to do it a second time," the user added.
Related Articles
1 - 0 min read
Linux Kernel 6.7 Released with Various Security Improvements
1 - 0 min read
Millions Of GitHub Repositories Infected With Malicious Code
1 - 0 min read
SSH Under Siege: Decoding the Terrapin Attack
