CVE-2013-4394
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/10/2013
Last modified:
11/04/2025
Description
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
Impact
Base Score 2.0
5.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:* | 194 (excluding) | |
| cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
- http://www.debian.org/security/2013/dsa-2777
- http://www.openwall.com/lists/oss-security/2013/10/01/9
- https://bugzilla.redhat.com/show_bug.cgi?id=862324
- https://security.gentoo.org/glsa/201612-34
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
- http://www.debian.org/security/2013/dsa-2777
- http://www.openwall.com/lists/oss-security/2013/10/01/9
- https://bugzilla.redhat.com/show_bug.cgi?id=862324
- https://security.gentoo.org/glsa/201612-34