Vulnerability in Systemd_project Systemd

CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server conf…

EPSS: 0.001 (28.9th percentile) — read the EPSS interpretation.

Affected products

Systemd_project Systemd
Debian Debian_linux — versions 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References

GLSA-201612-34 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
DSA-2777 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
[oss-security] 20131001 Re: [CVE request] systemd (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)