The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-04-18 14:55
Updated : 2025-04-12 10:46
NVD link : CVE-2012-0871
Mitre link : CVE-2012-0871
CVE.ORG link : CVE-2012-0871
JSON object : View
Products Affected
systemd_project
- systemd
opensuse
- opensuse
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')