Unrated severityNVD Advisory· Published Dec 25, 2014· Updated May 6, 2026

CVE-2014-7300

Description

GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a temporary lock outage, and the resulting temporary shell availability, caused by the Linux kernel OOM killer.

Affected products

GNOME Foundation/Gnome Shell
cpe:2.3:a:gnome:gnome-shell:3.14.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Desktop
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Hpc Node
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.gnome.org/browse/gnome-shell/commit/nvdIssue TrackingPatch
git.gnome.org/browse/gnome-shell/commit/nvdIssue TrackingPatch
openwall.com/lists/oss-security/2014/09/29/17nvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2015-0535.htmlnvdThird Party Advisory
bugzilla.gnome.org/show_bug.cginvdIssue TrackingVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000