{"id":"CVE-2013-4327","details":"systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.","modified":"2026-04-16T06:24:22.808987226Z","published":"2013-10-03T21:55:04Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2013/dsa-2777"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2013/09/18/6"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1961-1"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1006680"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2013/09/18/6"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1006680"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1006680"}],"schema_version":"1.7.5"}