CVE-2013-4394
systemd < 194 - Privilege Escalation via XKB Layout Configuration
Title source: llmDescription
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
References (5)
Core 5
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201612-34
Issue Tracking, Third Party Advisory x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=862324
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2777
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/10/01/9
Scores
EPSS
0.0034
EPSS Percentile
25.3%
Details
CWE
CWE-276
Status
published
Products (2)
debian/debian_linux
7.0
systemd_project/systemd
< 194
Published
Oct 28, 2013
Tracked Since
Feb 18, 2026