CVE-CVE-2011-4613 | UNKNOWN Severity | CVEDatabase.com

Description

The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

CVSS Metrics

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Access Vector: local
Access Cmplx: low
Auth: none
Confidentiality: partial
Integrity: partial
Availability: partial
Weaknesses: CWE-264

Metadata

Primary Vendor: X.ORG
Published: 2/5/2014
Last Modified: 4/11/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

x.org : x_servercanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxdebian : debian_linuxubuntu : linux

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD