PT-2014-2209 · Systemd · Systemd

Sebastian Krahmer

Published

2014-04-18

Updated

2022-01-28

CVE-2012-0871

CVSS v2.0

6.3

Medium

Vector

AV:L/AC:M/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions systemd versions prior to 37

Description The issue allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. This is due to a problem in the session link x11 socket function in login/logind-session.c in systemd-logind.

Recommendations For versions prior to 37, update to version 37 or later to resolve the issue.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2012-0871

Affected Products

Systemd

PT-2014-2209 · Systemd · Systemd

CVE-2012-0871

Weakness Enumeration

Related Identifiers

Affected Products

References · 9