News: Flaw in the Latest Linux Graphical Server Allows Passwordless Logins

Flaw in the Latest Linux Graphical Server Allows Passwordless Logins

Just a quick post. Xorg is the graphical server that handles the desktop environment you choose for your Linux box. A pretty big flaw was found in Xorg versions 1.11 and later that allows anyone to bypass the screen lock mechanism on xscreensaver, gscreensaver, and many others.

The key combo that allows us to bypass the password protected is: ctrl + alt + *.

It's unknown whether or not this was left there intentionally, but the issue remains unresolved.

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.


This is pretty big, actually. They need to patch this fast.

Yeah, that means it gets around my failed password safety script :(. I have it so my HDD is wiped clean upon 3 incorrect password guesses. This kind of ruins that :/. I'm just locking the screen by going to TTY 1 and logging out. Haha. Temporary fix.

I still wont let any get near my laptop with that HDD wipe, because I might start it by accident, if this only really effects 1.11 can't you just downgrade your Xorg?

Won't that mean you will need to downgrade dependencies one by one also?

Yeah, I wouldn't bother. Just shutdown for the time being, or come up with an icky workaround.

Yes you might need to downgrade a few dependencies but if you are really worried about your security then I would recomend trying it

Share Your Thoughts

  • Hot
  • Latest