CVE-2013-4394
First published: Tue Oct 02 2012(Updated: )
A possibility of unauthorized Xorg X11 Server configuration file modification / injection was found in the way SetX11Keyboard() method of systemd, a system and service manager, performed sanitization of provided X Keyboard Extension (XKB) layouts description (special and control characters were not filtered out from the layout description properly). When the host in question used PolicyKit Local Authority (PKLA) file mechanism to grant group of users the privilege to change XKB settings (instead of default PolicyKit check) and particular local attacker was member of that group, they could use this flaw to inject arbitrary values into the Xorg X11 Server configuration file, possibly leading to escalation of their privileges. Issue found by Florian Weimer, Red Hat Product Security Team
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Systemd Project Systemd | <194 | |
| Debian Debian Linux | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2013/10/01/9
- http://cgit.freedesktop.org/systemd/systemd/commit/?id=8d789b905dba8aebd30238520b6ad52fb866af95
- https://bugzilla.redhat.com/show_bug.cgi?id=862324
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
- http://www.debian.org/security/2013/dsa-2777
- https://security.gentoo.org/glsa/201612-34
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-4394
- vendor/systemd project
- canonical/systemd project systemd
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0