Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 25 Oct 2015 00:12:38 +0900
From: Mamoru TASAKA <>
Cc:, Mamoru Tasaka <>
Subject: CVE request: xscreensaver aborts when unpluging second monitor cable
 when asking password

Hello, all:

I received a Fedora bug report
that on XFCE,

* using VGA and HDMI dual monitor (for example)
* lock the screen with $ xscreensaver-command -lock
* move mouse, password dialog appears
* during the time password dialog still appears, unplug HDMI cable

then xscreensaver abort()s (actually it abort()s,
not segv, however I guess it is not important)
(at the line 420 in xscreensaver-5.33/driver/subprocs.c)

100% reproducible. This issue is already in public as

I and the upstream developer already tracked down the cause
and the upstream send me a patch, which seems to be
working. hopefully the upstream
will release the new version soon.

Please assign a CVE ID for this.

Best regards,
Mamoru TASAKA <>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ