Systemd Project: >> Systemd >> 202 Security Vulnerabilities
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
CVSS Score
5.0
EPSS Score
0.001
Published
2013-10-28
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
CVSS Score
6.9
EPSS Score
0.0
Published
2013-10-03
Page 3