CVE-2026-40223

Опубликовано: 13 апр. 2026

Источник: ubuntu

Приоритет: medium

CVSS3: 4.7

Описание

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running.

Релиз	Статус	Примечание
devel	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage
upstream	released	260~rc1-1

Показывать по

Ссылки на источники

4.7 Medium

CVSS3

Связанные уязвимости

CVE-2026-40223

CVSS3: 4.7

redhat

5 дней назад

A flaw was found in systemd, a core component of Linux operating systems. A local user, without special privileges, can exploit this vulnerability. By manipulating a specific systemd unit configuration where delegation is enabled and the user is not set, the user can trigger an internal error, leading to a Denial of Service (DoS). This means the affected system may become unresponsive or crash, impacting its availability.

CVE-2026-40223

CVSS3: 4.7

nvd

5 дней назад

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.

CVE-2026-40223

CVSS3: 4.7

debian

5 дней назад

In systemd 258 before 260, a local unprivileged user can trigger an as ...

GHSA-52rm-r39v-fwv9

CVSS3: 4.7

github

5 дней назад

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.

4.7 Medium

CVSS3

CVE-2026-40223

Описание

Пакет systemd

Ссылки на источники

Связанные уязвимости