CVE-2026-40224
Published 2026-04-10
CVE-2026-40224: In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
Priority: P3 · 36 · high · 7.3 · CVSS 3.1
AV:L / AC:L / PR:L / UI:R / S:U / C:H / I:H / A:H
EPSS: 0.08% (0.2th percentile)
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| systemd | systemd | >= 259 < 260 | 260 |
| systemd_project | systemd | >= 259 < 259.3 | 259.3 |
CVSS provenance
nvd · v3.1 · 7.3 HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
vendor_redhat · 6.7 MEDIUM
GHSA
GHSA-jf3x-2pf6-c45w: In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace
ghsa_unreviewed·2026-04-10
CVE-2026-40224 [MEDIUM] CWE-863 GHSA-jf3x-2pf6-c45w: In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace
Red Hat
systemd: systemd-machined: Local privilege escalation via varlink
vendor_redhat·2026-04-10·CVSS 6.7
CVE-2026-40224 [MEDIUM] CWE-266 systemd: systemd-machined: Local privilege escalation via varlink
A flaw was found in systemd-machined, a component of systemd. A local attacker can exploit a vulnerability related to how varlink interacts with the root namespace. This can lead to local privilege escalation, allowing the attacker to gain elevated access on the system.
Package: NetworkManager (Red Hat Enterprise Linux 10) - Not affected
Package: rpm-ostree (Red Hat Enterprise Linux 10) - Not affected
Package: systemd (Red Hat Enterprise Linux 10) - Not affected
Package: systemd (Red Hat Enterprise Linux 7) - Not affected
Package: NetworkManager (Red Hat Enterprise Linux 8) - Not affected
Package: systemd (Red Hat Enterprise Linux 8) - Not affected
Package: NetworkManager (Red Hat Enterprise Linux 9) - Not affected
No detection rules found.
No public exploits indexed.
Published: 2026-04-10