ckauhaus closed 2 years ago
LOL, who requested a CVE for this?!? (I doubt that upstream approves of it :D)
swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor.
This was always known and applies to most screenlockers... (works as intended - and there were always hacks like swaylock || pkill ...).
https://github.com/swaywm/swaylock/pull/219 is definitely super nice and I was very excited when I first heard about it. However, that PR implements a new security feature that makes swaylock more secure and it's not like older swaylock versions became more insecure via a new attack...
Additionally https://github.com/swaywm/swaylock/pull/219 requires support from the Wayland compositor and, e.g., Sway doesn't support it yet (https://github.com/swaywm/sway/pull/6879 - and even the River PR used for testing isn't merged yet: https://github.com/riverwm/river/pull/497). Some Wayland compositors might already implement it (although I'm not aware of one) but definitely not a Wayland compositor in NixOS 21.11.
So I'll go ahead and simply close this issue as the CVE isn't relevant, especially not for NixOS 21.11. (If someone wants to backport swaylock 1.6 that's fine with me but at least https://github.com/swaywm/swaylock/pull/219 doesn't help yet.)
CVE details
CVE-2022-26530
swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor.
Scanned versions: nixos-21.11: a62ce97f92b.
Cc @primeos