Vulnerability Name:

CVE-2013-4394 (CCN-87698)

Assigned: 2013-10-01
Published: 2013-10-01
Updated: 2022-01-31
Summary: The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 5.9 Medium (CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:P)
4.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Partial
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-276
Vulnerability Consequences: Gain Privileges
References:

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357

Source: CCN
Type: systemd GIT Repository Web Site
systemd GIT Repository

Source: MITRE
Type: CNA
CVE-2013-4394

Source: CCN
Type: oss-sec mailing list, Tue, 01 Oct 2013 10:08:21 -0600
Re: [CVE request] systemd

Source: CCN
Type: SA54876
systemd Weakness and Two Vulnerabilities

Source: DEBIAN
Type: Third Party Advisory
DSA-2777

Source: DEBIAN
Type: DSA-2777
systemd -- several vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20131001 Re: [CVE request] systemd

Source: CCN
Type: BID-62744
systemd X Keyboard Extension Processing Local Privilege Escalation Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 862324
systemd: Improper sanitization of invalid XKB layouts descriptions (privilege escalation when custom PolicyKit local authority file used)

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=862324

Source: XF
Type: UNKNOWN
systemd-cve20134394-privilege-escalation(87698)

Source: GENTOO
Type: Third Party Advisory
GLSA-201612-34

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-4394

Source: CCN
Type: systemd Web Site
systemd

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:systemd_project:systemd:*:*:*:*:*:*:*:* (Version < 194)

Configuration 2:
  • cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:systemd_project:systemd:*:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:

Definition ID                  | Class | Title                        | Last Modified
oval:org.mitre.oval:def:19967  | P     | DSA-2777-1 systemd - several | 2014-06-23