CVE-2013-4394 Information

Description

The SetX11Keyboard function in systemd when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving \special and control characters.\

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357 http://www.debian.org/security/2013/dsa-2777 http://www.openwall.com/lists/oss-security/2013/10/01/9 https://bugzilla.redhat.com/show_bug.cgi?id=862324 https://security.gentoo.org/glsa/201612-34