A new X.org security issue have been found that can lead to unauthorized access to a system if someone has a physical access to it.
All systems having Xorg 1.11+ are affected by this and the behavior can be reproduced by exactly following the steps below:
- Lock you screen and go to screensaver lock mode
- Press CTRL+ALT+ Keypad Multiply (*)
Ubuntu 11.10 users are safe as the default Xorg version is 1.10. However, Ubuntu 12.04 can have Xorg 1.11 and Ubuntu Security Team should already be aware about this now.
It has been reported that latest Arch Linux and Fedora have Xorg 1.11. Patches should land as fast as possible.
More technical details and a video showing login being bypassed on Phoronix.