CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:C/I:C/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
systemd_projectsystemd
𝑥
< 194
debiandebian_linux
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
systemd
bullseye
247.3-7+deb11u5
fixed
bullseye (security)
247.3-7+deb11u6
fixed
bookworm
252.30-1~deb12u2
fixed
sid
256.7-3
fixed
trixie
256.7-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
systemd
raring
not-affected
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.debian.org/security/2013/dsa-2777
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=862324
https://security.gentoo.org/glsa/201612-34
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
http://www.debian.org/security/2013/dsa-2777
http://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=862324
https://security.gentoo.org/glsa/201612-34