A vulnerability in gnome-shell could allow a local attacker to gain unauthorized access to a targeted system.
The vulnerability exists because the lock screen feature of the affected software does not properly restrict all contextual actions. An attacker with physical access to a targeted, locked workstation could exploit this vulnerability by right clicking on the password text field. A successful exploit could allow the attacker to bypass the lock screen and re-enable certain keyboard shortcuts, which the attacker could use to perform unauthorized actions on the system.
The GNOME project has confirmed the vulnerability and released software updates.
Security Impact Rating: Medium