Medium severity5.5NVD Advisory· Published Mar 23, 2026· Updated Apr 15, 2026
CVE-2026-29111
CVE-2026-29111
Description
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
39cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*range: >=239,<257.11
- (no CPE)range: >=239, <257.11
- osv-coords37 versionspkg:rpm/almalinux/rhel-net-naming-sysattrspkg:rpm/almalinux/systemdpkg:rpm/almalinux/systemd-boot-unsignedpkg:rpm/almalinux/systemd-containerpkg:rpm/almalinux/systemd-develpkg:rpm/almalinux/systemd-journal-remotepkg:rpm/almalinux/systemd-libspkg:rpm/almalinux/systemd-oomdpkg:rpm/almalinux/systemd-pampkg:rpm/almalinux/systemd-resolvedpkg:rpm/almalinux/systemd-rpm-macrospkg:rpm/almalinux/systemd-udevpkg:rpm/almalinux/systemd-ukifypkg:rpm/opensuse/systemd&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/systemd&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/systemd&distro=openSUSE%20Tumbleweedpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Micro%206.2
< 252-55.el9_7.9.alma.1+ 36 more
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 257-13.el10_1.3.alma.1
- (no CPE)range: < 252-55.el9_7.9.alma.1
- (no CPE)range: < 257-13.el10_1.3.alma.1
- (no CPE)range: < 254.27-150600.4.62.1
- (no CPE)range: < 257.13-160000.1.1
- (no CPE)range: < 259.5-1.3
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 246.16-150300.7.65.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 254.27-150600.4.62.1
- (no CPE)range: < 254.27-150600.4.62.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 254.27-150600.4.62.1
- (no CPE)range: < 257.13-160000.1.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 249.17-150400.8.55.1
- (no CPE)range: < 254.27-150600.4.62.1
- (no CPE)range: < 257.13-160000.1.1
- (no CPE)range: < 254.27-3.1
- (no CPE)range: < 254.27-slfo.1.1_4.1
- (no CPE)range: < 257.13-160000.1.1
Patches
Vulnerability mechanics
References
11- github.com/systemd/systemd/commit/1d22f706bd04f45f8422e17fbde3f56ece17758anvdPatch
- github.com/systemd/systemd/commit/20021e7686426052e3a7505425d7e12085feb2a6nvdPatch
- github.com/systemd/systemd/commit/21167006574d6b83813c7596759b474f56562412nvdPatch
- github.com/systemd/systemd/commit/3cee294fe8cf4fa0eff933ab21416d099942cabdnvdPatch
- github.com/systemd/systemd/commit/42aee39107fbdd7db1ccd402a2151822b2805e9fnvdPatch
- github.com/systemd/systemd/commit/54588d2dedff54bfb6036670820650e4ea74628fnvdPatch
- github.com/systemd/systemd/commit/7ac3220213690e8a8d6d2a6e81e43bd1dce01d69nvdPatch
- github.com/systemd/systemd/commit/80acea4ef80a4bb78560ed970c34952299b890d6nvdPatch
- github.com/systemd/systemd/commit/b5fd14693057e5f2c9b4a49603be64ec3608ff6cnvdPatch
- github.com/systemd/systemd/commit/efa6ba2ab625aaa160ac435a09e6482fc63bdbe8nvdPatch
- github.com/systemd/systemd/security/advisories/GHSA-gx6q-6f99-m764nvdPatchVendor Advisory
News mentions
1- Debian 13.5 point release lands with security fixes, bug patchesHelp Net Security · May 17, 2026