Systemd Security Vulnerabilities and Issues — Systemd CVE List

Lucene search

Systemd ProjectSystemd

5 matches found

CVE•added 2013/10/28 10:55 p.m.•90 views

CVE-2013-4392

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

5CVSS6.6AI score0.00067EPSS

CVE•added 2013/10/03 9:55 p.m.•83 views

CVE-2013-4327

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

6.9CVSS6.2AI score0.00042EPSS

CVE•added 2013/10/28 10:55 p.m.•61 views

CVE-2013-4391

Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.

7.5CVSS8AI score0.037EPSS

CVE•added 2013/10/28 10:55 p.m.•54 views

CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors invo...

5.9CVSS6.3AI score0.00109EPSS

CVE•added 2013/10/28 10:55 p.m.•53 views

CVE-2013-4393

journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.

2.1CVSS6.2AI score0.0015EPSS