Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-40225

Опубликовано: 10 апр. 2026
Источник: debian

Описание

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
systemdfixed260~rc4-1package
systemdno-dsatrixiepackage
systemdno-dsabookwormpackage

Примечания

  • https://github.com/systemd/systemd/security/advisories/GHSA-vpfq-8p5f-jcqx

  • Fixed by: https://github.com/systemd/systemd/commit/16325b35fa6ecb25f66534a562583ce3b96d52f3 (v260-rc3)

  • Fixed by: https://github.com/systemd/systemd/commit/54f880b02ecf7362e630ffc885d1466df6ee6820 (v260-rc4)

  • Fixed by: https://github.com/systemd/systemd/commit/03bb697b8df0339c37f4b845025320b261aeb7cc (v257.12)

  • Fixed by: https://github.com/systemd/systemd/commit/5887e72ff87d3a66a4c3fa91897fbec1545f4d3d (v257.13)

Связанные уязвимости

ubuntu логотип

CVE-2026-40225

CVSS3: 6.4
ubuntu
2 дня назад

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

redhat логотип

CVE-2026-40225

CVSS3: 6.4
redhat
5 дней назад

A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation.

nvd логотип

CVE-2026-40225

CVSS3: 6.4
nvd
5 дней назад

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

github логотип

GHSA-396h-m3pm-fpm5

CVSS3: 6.4
github
5 дней назад

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.