Skip to main content

Red Hat EUVDEUVD-2026-14562

| CVE-2026-29111 MEDIUM
Improper Privilege Management (CWE-269)
2026-03-23 GitHub_M
5.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
qualitative
SUSE
MEDIUM
qualitative
Red Hat
7.8 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Patch released
Mar 24, 2026 - 02:45 nvd
Patch available
EUVD ID Assigned
Mar 23, 2026 - 21:30 euvd
EUVD-2026-14562
Analysis Generated
Mar 23, 2026 - 21:30 vuln.today
CVE Published
Mar 23, 2026 - 21:03 nvd
MEDIUM 5.5

DescriptionGitHub Advisory

systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.

AnalysisAI

systemd (PID 1) contains a denial-of-service vulnerability triggered by malformed IPC API calls from unprivileged users that causes the service manager to assert and freeze. On versions v249 and earlier, the same vulnerability manifests as stack buffer overwriting with attacker-controlled data, potentially enabling code execution; versions v250 and newer include a safety check that converts this to a non-exploitable assertion failure. The vulnerability affects systemd versions v239 through v259 (with patched versions 260-rc1, 259.2, 258.5, and 257.11 available), impacting all Linux distributions using affected systemd builds including multiple Ubuntu releases tracked at medium priority.

Technical ContextAI

systemd is a system and service manager responsible for bootstrapping user-space and managing system services on modern Linux systems, running as PID 1 with full system privileges. The vulnerability exists in the unprivileged IPC API interface exposed by systemd, which was first introduced in version v239. The root cause is classified under CWE-269 (Improper Access Control), specifically inadequate input validation of IPC message data that allows unprivileged callers to trigger memory corruption or assertion failures. On versions prior to v250, insufficient bounds checking on IPC payloads permits stack buffer overflow with attacker-controlled content; version v250 introduced a safety check that converts exploitable stack corruption into a handled assertion, reducing exploitability but maintaining availability impact. The vulnerability is product-specific to systemd (CPE: cpe:2.3:a:systemd:systemd:*:*:*:*:*:*:*:*) and affects all distributions packaging vulnerable versions.

RemediationAI

Immediately upgrade systemd to patched versions: 260-rc1 or later for version 260 track, 259.2 or later for version 259 track, 258.5 or later for version 258 track, or 257.11 or later for version 257 track. Most distributions provide security updates through standard package management; Ubuntu users should apply available security updates for their tracked releases. If immediate patching is impossible, mitigate by restricting unprivileged user access to the system via tight SSH/console access controls, firewall policies limiting local service access, or containerization constraints that prevent untrusted code execution at the host level. No functional workarounds exist that preserve full systemd functionality while eliminating the attack surface; patching is the definitive remediation. Consult the GitHub security advisory at https://github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764 and associated commit fixes for detailed patch information.

Vendor StatusVendor

Ubuntu

Priority: Medium
systemd
Release Status Version
trusty needs-triage -
xenial not-affected code not present
bionic not-affected code not present
focal needed -
jammy needed -
noble needed -
questing needed -
upstream needs-triage -

SUSE

Severity: Medium
Product Status
Container suse/manager/4.3/proxy-httpd:4.3.17.9.76.3 Affected
Container suse/manager/4.3/proxy-salt-broker:4.3.17.9.66.3 Container suse/manager/4.3/proxy-ssh:4.3.17.9.66.3 Affected
Container suse/manager/5.0/x86_64/proxy-httpd:latest Container suse/manager/5.0/x86_64/server-hub-xmlrpc-api:latest Affected
Container suse/manager/5.0/x86_64/proxy-ssh:latest Container suse/manager/5.0/x86_64/server-attestation:latest Container suse/manager/5.0/x86_64/server-migration-14-16:latest Affected
Container suse/manager/5.0/x86_64/server:latest Affected

Share

EUVD-2026-14562 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy