Platform
linux
Component
systemd
Opgelost in
239.0.1
258.0.1
259.0.1
CVE-2026-29111 affects the systemd system and service manager, specifically when handling unprivileged IPC API calls. This vulnerability can lead to a denial-of-service (DoS) condition due to an assert or, in older versions, a stack overflow. Systems running systemd versions between 239 (inclusive) and 259 (exclusive) are vulnerable. Patches are available in systemd versions 260-rc1, 259.2, 258.5, and 257.11.
An attacker can exploit this vulnerability by crafting a malicious IPC API call with spurious data. In versions prior to v250, this leads to a stack overflow, allowing for potential code execution. While newer versions (v250 and later) trigger an assert instead of a stack overflow, this still results in a denial-of-service condition, freezing the systemd process (PID 1) and potentially rendering the entire system unresponsive. The impact is significant as systemd is a core component of many Linux distributions, and its failure can disrupt critical system services. This vulnerability shares similarities with other IPC-related vulnerabilities where improper data validation can lead to memory corruption.
CVE-2026-29111 was published on March 23, 2026. Its severity is currently assessed as MEDIUM. No public proof-of-concept (POC) code has been publicly released at the time of writing. The vulnerability is not currently listed on KEV (Kernel Exploitability Vulnerability) or has a publicly available EPSS (Exploit Prediction Scoring System) score. Monitor security advisories and threat intelligence feeds for any indications of active exploitation.
Exploit Status
EPSS
0.01% (1% percentiel)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2026-29111 is to upgrade to a patched version of systemd. Specifically, upgrade to version 259.2 or later. Due to the critical nature of systemd, a rolling upgrade is generally recommended. If an immediate upgrade is not feasible, consider isolating affected systems to limit potential exposure. Unfortunately, no workarounds are available beyond upgrading. After the upgrade, confirm the fix by attempting to reproduce the vulnerability with a crafted IPC API call and verifying that it now triggers the intended assert (v250+) or is rejected (later versions).
Actualice systemd a la versión 257.11, 258.5, 259.2 o superior. Esto corrige la vulnerabilidad que permite a un usuario local no privilegiado provocar un assert y congelar la ejecución del sistema.
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2026-29111 is a MEDIUM severity vulnerability in systemd affecting versions 239 through 259. An unprivileged IPC API call with malicious data can trigger an assertion or stack overflow, potentially causing a denial-of-service.
You are affected if your system is running systemd version 239 (inclusive) up to, but not including, version 259.2. Check your systemd version with systemd --version.
Upgrade to systemd version 259.2 or later. Patches are available in systemd versions 260-rc1, 259.2, 258.5, and 257.11. No workarounds are available.
Currently, there are no public reports of CVE-2026-29111 being actively exploited. However, it's crucial to apply the patch promptly due to the potential for exploitation.
Refer to the systemd project's security announcements and relevant distribution-specific security advisories for the latest information on CVE-2026-29111. Check the freedesktop.org website for official announcements.
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.