CVE-2012-0871 Common Vulnerabilities and Exposures

Upstream information

CVE-2012-0871 at MITRE

Description

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
CVSS detail	National Vulnerability Database
Base Score	6.3
Vector	AV:L/AC:M/Au:N/C:N/I:C/A:C
Access Vector	Local
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entry: 747154 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SA:2012:001, published Wed, 29 Feb 2012 16:00:00 +0000
openSUSE-SU-2012:0319-1, published Fri Dec 8 15:48:31 2023

SUSE Timeline for this CVE

CVE page created: Tue Jul 9 19:26:13 2013
CVE page last modified: Mon Oct 6 18:17:49 2025