CVE-2013-4327

EPSS 0.03%

systemd - several

發布日:2013/10/3修改日:2026/3/9

也稱為:DSA-2777-1DEBIAN-CVE-2013-4327

描述

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

受影響套件(2)

Debian/systemdfrom 0, < 204-5
Debian/systemdfrom 0, < 44-11+deb7u4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4327