Plattform
linux
Komponente
systemd
Behoben in
239.0.1
258.0.1
259.0.1
CVE-2026-29111 affects the systemd system and service manager, specifically versions 239 and later up to, but not including, 259.2. This vulnerability arises from an assertion failure or stack overflow when an unprivileged process makes a malicious IPC API call. While versions 250 and newer trigger an assert instead of a stack overflow, versions prior to 239 are not affected, and patches are available in versions 260-rc1, 259.2, and 258.5.
An attacker can exploit this vulnerability by crafting a malicious IPC API call to systemd. Prior to version 250, this could lead to a stack overflow, allowing the attacker to overwrite memory and potentially execute arbitrary code with the privileges of systemd (PID 1). While later versions trigger an assert, the potential for code execution remains a significant concern. Successful exploitation could grant an attacker complete control over the affected system, enabling them to install malware, steal sensitive data, or disrupt system operations. The impact is particularly severe given systemd's central role in managing system services and processes.
This vulnerability was publicly disclosed on March 23, 2026. Its severity is currently assessed as MEDIUM. No public proof-of-concept exploits have been publicly released at the time of writing, but the potential for exploitation is considered high due to the relatively straightforward nature of the attack vector and the critical role of systemd. It is not currently listed on the CISA KEV catalog.
Exploit-Status
EPSS
0.01% (1% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2026-29111 is to upgrade systemd to version 259.2 or later. Versions 260-rc1, 259.2, and 258.5 contain the necessary patches. If immediate upgrading is not possible due to compatibility issues or testing requirements, consider isolating affected systems to limit potential attack surface. While no direct workarounds are available, strict input validation on IPC calls, if feasible, might offer a limited degree of protection. After upgrading, confirm the fix by attempting to reproduce the vulnerability with a known malicious IPC call and verifying that it triggers the intended assert or is rejected.
Aktualisieren Sie systemd auf Version 257.11, 258.5, 259.2 oder höher. Dies behebt die Schwachstelle, die es einem lokalen, nicht privilegierten Benutzer ermöglicht, einen Assert auszulösen und die Systemausführung einzufrieren.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-29111 is a MEDIUM severity vulnerability in systemd affecting versions 239 through 259. An unprivileged IPC API call with malicious data can trigger an assertion or stack overflow, potentially causing a denial-of-service.
You are affected if your system is running systemd version 239 (inclusive) up to, but not including, version 259.2. Check your systemd version with systemd --version.
Upgrade to systemd version 259.2 or later. Patches are available in systemd versions 260-rc1, 259.2, 258.5, and 257.11. No workarounds are available.
Currently, there are no public reports of CVE-2026-29111 being actively exploited. However, it's crucial to apply the patch promptly due to the potential for exploitation.
Refer to the systemd project's security announcements and relevant distribution-specific security advisories for the latest information on CVE-2026-29111. Check the freedesktop.org website for official announcements.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.