[kde] [Bug 420802] New: SECURITY: Notification background "bleeds" into the lock screen
AK-47
bugzilla_noreply at kde.org
Thu Apr 30 13:51:58 BST 2020
https://bugs.kde.org/show_bug.cgi?id=420802
Bug ID: 420802
Summary: SECURITY: Notification background "bleeds" into the
lock screen
Product: kde
Version: unspecified
Platform: Fedora RPMs
OS: Linux
Status: REPORTED
Severity: major
Priority: NOR
Component: general
Assignee: unassigned-bugs at kde.org
Reporter: chkboom at safe-mail.net
Target Milestone: ---
Created attachment 128029
--> https://bugs.kde.org/attachment.cgi?id=128029&action=edit
Bug Screenshot
SUMMARY
The background of a notification will "bleed" into the lock screen, especially
if the notification has blurred or glass effects.
PRE-REQUISITES FOR REPRODUCING:
1. Noticed predominantly with a glass theme, especially with blurred effects.
2. Using a theme called "OxygenDymAero7."
3. Noticed on KDE Wayland session.
STEPS TO REPRODUCE
1. Lock the screen
2. Trigger a notification, such as an update being available.
The order of the steps do not appear to matter.
OBSERVED RESULT
A section of the lock screen will either be blurred or display an appreciable
portion of the background effect used by the window.
EXPECTED RESULT
The lock screen should NOT give away the positions or contents of ANY window.
This is a security issue and may also be the root of other potential
information leaks in other circumstances.
SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Fedora Workstation 32
(available in About System)
KDE Plasma Version: 5.18.3
KDE Frameworks Version: 5.68.0
Qt Version: 5.13.2
ADDITIONAL INFORMATION
KDE Wayland session. Unknown if this is related to just KWin (Wayland) or if
there are other components at play.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Unassigned-bugs
mailing list