Upstream information

CVE-2013-4394 at MITRE

Description

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.9
Vector AV:L/AC:H/Au:N/C:C/I:C/A:P
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Partial
SUSE Bugzilla entry: 843507 [RESOLVED]

No SUSE Security Announcements cross referenced.