CVE-2026-29111

CWE-269Improper Privilege ManagementCWE-128711 documents8 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 98.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Systemd Systemd
Timeline
PublishedMar 23

Description

systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. N

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

Debiansystemd< 260~rc2-1
Ubuntusystemd< 249.11-0ubuntu3.19+6
CVEListV5systemd/systemd>= 239, < 257.11, >= 258, < 258.5, >= 259, < 259.2+2

🔴Vulnerability Details

4
OSV
CVE-2026-29111: systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data2026-03-23
CVEList
systemd: Local unprivileged user can trigger an assert2026-03-23
OSV
systemd vulnerabilities2026-03-23
OSV
systemd vulnerabilities2026-03-23

📋Vendor Advisories

5
Red Hat
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data2026-03-23
Ubuntu
systemd vulnerabilities2026-03-23
Ubuntu
systemd vulnerabilities2026-03-23
Microsoft
systemd: Local unprivileged user can trigger an assert2026-03-10
Debian
CVE-2026-29111: systemd - systemd, a system and service manager, (as PID 1) hits an assert and freezes exe...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-29111 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-29111 (MEDIUM CVSS 5.5) | cvebase.io