CVE-2013-2190
EPSS 0.08%
Description
The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate attackers to access the previous gnome-shell session via unspecified vectors.
How to fix CVE-2013-2190
To remediate CVE-2013-2190, upgrade the affected package to a fixed version below.
- Debian/clutter-1.0—upgrade to 1.14.4-3 or later
Is CVE-2013-2190 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.14.4-3