CVE-2026-40225

Опубликовано: 13 апр. 2026

Источник: ubuntu

Приоритет: medium

CVSS3: 6.4

Описание

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

Релиз	Статус	Примечание
devel	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage
upstream	released	260~rc4-1

Показывать по

Ссылки на источники

6.4 Medium

CVSS3

Связанные уязвимости

CVE-2026-40225

CVSS3: 6.4

redhat

5 дней назад

A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation.

CVE-2026-40225

CVSS3: 6.4

nvd

5 дней назад

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

CVE-2026-40225

CVSS3: 6.4

debian

5 дней назад

In udev in systemd before 260, local root execution can occur via mali ...

GHSA-396h-m3pm-fpm5

CVSS3: 6.4

github

5 дней назад

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

6.4 Medium

CVSS3

CVE-2026-40225

Описание

Пакет systemd

Ссылки на источники

Связанные уязвимости