CVE-2013-4394

EUVD-2013-4273
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:C/I:C/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
systemd_projectsystemd
𝑥
< 194
debiandebian_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
systemd
bookworm
252.30-1~deb12u2
fixed
bullseye
247.3-7+deb11u5
fixed
bullseye (security)
247.3-7+deb11u6
fixed
sid
256.7-3
fixed
trixie
256.7-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
systemd
lucid
dne
precise
dne
quantal
dne
raring
not-affected
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.debian.org/security/2013/dsa-2777
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=862324
https://security.gentoo.org/glsa/201612-34
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.debian.org/security/2013/dsa-2777
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=862324
https://security.gentoo.org/glsa/201612-34