5.9

CVE-2013-4394

EPSS 0.11%
Published 28.10.2013 22:55:03
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Systemd Project ≫ Systemd Version < 194

Debian ≫ Debian Linux Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.262

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	1.9	9.5	AV:L/AC:H/Au:N/C:C/I:C/A:P

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

http://www.debian.org/security/2013/dsa-2777

Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357

Third Party Advisory

Issue Tracking

http://www.openwall.com/lists/oss-security/2013/10/01/9

Third Party Advisory

Mailing List

https://security.gentoo.org/glsa/201612-34

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=862324

Patch

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2013-4394

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4394

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4394

EUVD