CVE-2012-0871

Published: Apr 18, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SA:2012:001

vendor-advisory

x_refsource_SUSE

http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=795853

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=747154

x_refsource_CONFIRM

79768

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-0871

Description

Affected Products

References