Search for packages
| purl | pkg:deb/debian/systemd@247.3-7%2Bdeb11u5?distro=trixie |
| Next non-vulnerable version | 247.3-7+deb11u6 |
| Latest non-vulnerable version | 260.1-1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4eyp-2xve-qugd
Aliases: CVE-2026-40226 |
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4n47-ffax-sbdu
Aliases: CVE-2026-4105 |
systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-cgv9-wdwy-5qfu
Aliases: CVE-2020-13529 |
Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition. |
Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-fp54-ff23-vbb5
Aliases: CVE-2026-29111 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hwg6-vaus-cfa2
Aliases: CVE-2026-40225 |
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-13xf-fn51-3qhe | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2013-4394
|
| VCID-1mej-gstk-pfbs | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15686
|
| VCID-2arn-c1yc-37he | systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 |
CVE-2019-3815
|
| VCID-2nq3-t67f-57ha | systemd: memory leak in button_open() in login/logind-button.c when udev events are received |
CVE-2019-20386
|
| VCID-3st2-3d7c-yuft | systemd: improper use of tmpfiles.d to create persistent journal files |
CVE-2015-8842
|
| VCID-4dq5-84vh-u3bz | systemd: Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new |
CVE-2017-9445
|
| VCID-4eyp-2xve-qugd | In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. |
CVE-2026-40226
|
| VCID-4n47-ffax-sbdu | systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method |
CVE-2026-4105
|
| VCID-552s-n3yf-fkgq | systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
CVE-2023-7008
|
| VCID-5fyk-ea9c-6fd1 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2013-4391
|
| VCID-5j51-kyj4-gkag | systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files |
CVE-2018-6954
|
| VCID-66sa-bc5p-jqde | Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service. |
CVE-2023-50387
|
| VCID-71xj-3x1z-6kh4 | A heap use-after-free flaw in systemd at worst might allow an attacker to execute arbitrary code. |
CVE-2020-1712
|
| VCID-7mtw-85gb-vyfz | Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition. |
CVE-2021-33910
|
| VCID-7p2k-q6vr-3kf5 | systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c |
CVE-2022-2526
|
| VCID-7war-ne2h-wkej | security update |
CVE-2019-3842
|
| VCID-86qy-wkqz-5qam | systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump |
CVE-2025-4598
|
| VCID-8sva-z329-ekcr | systemd: systemd-resolved allows unprivileged users to configure DNS |
CVE-2019-15718
|
| VCID-8x92-ah94-47f7 | systemd: Unsafe handling of hard links allowing privilege escalation |
CVE-2017-18078
|
| VCID-94hk-2ehw-bqds | systemd: services with DynamicUser can get new privileges and create SGID binaries |
CVE-2019-3844
|
| VCID-bvrs-m3qy-dyb1 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2013-4393
|
| VCID-cmbj-869t-c3e3 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15687
|
| VCID-d4fp-vqxd-qyc2 | systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure). |
CVE-2012-1101
|
| VCID-dn4b-qf6b-j7aj | A race condition in polkit could allow a local attacker to gain escalated privileges. |
CVE-2013-4327
|
| VCID-dvhg-mcz2-r3f5 | Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service. |
CVE-2021-3997
|
| VCID-e7km-pysq-hqe2 | systemd: Infinite loop in the dns_packet_read_type_window() function |
CVE-2017-15908
|
| VCID-e9ng-ewvh-kqeq | Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service. |
CVE-2022-3821
|
| VCID-egf8-guux-pybe | systemd: Null pointer dereference in dns_packet_is_reply_for function |
CVE-2017-9217
|
| VCID-fdkt-299k-vufa | systemd: fails to parse usernames that start with digits |
CVE-2017-1000082
|
| VCID-fp54-ff23-vbb5 | systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data |
CVE-2026-29111
|
| VCID-gkrw-z2cb-aud5 | systemd: Assertion failure when PID 1 receives a zero-length message over notify socket |
CVE-2016-7795
|
| VCID-gp1n-ygnu-aydy | systemd: weak permissions for journal files |
CVE-2014-9770
|
| VCID-hwg6-vaus-cfa2 | In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. |
CVE-2026-40225
|
| VCID-jxun-f52c-gfg9 | systemd: freeze when PID 1 receives a zero-length message over notify socket |
CVE-2016-7796
|
| VCID-kphd-g8v1-wbhw | The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. |
CVE-2012-0871
|
| VCID-m2qr-wk7f-8uda |
CVE-2026-40223
|
|
| VCID-m4h3-fsrv-jyet | The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session." |
CVE-2012-1174
|
| VCID-mgcn-uevn-13c3 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16865
|
| VCID-nuf5-cg89-8bb7 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16866
|
| VCID-q4kr-rg2c-f7ad | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15688
|
| VCID-qu2y-j7d2-auej | systemd: systemd creates world-writable suid files allowing root privilege escalation |
CVE-2016-10156
|
| VCID-qxmz-gqjn-tfh7 | Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. |
CVE-2022-45873
|
| VCID-sdnj-avfk-7bch | systemd: incorrect certificate validation results in acceptance of any certificate signed by a trusted certificate authority for DNS over TLS |
CVE-2018-21029
|
| VCID-sejj-hs68-n3gs |
CVE-2026-40224
|
|
| VCID-sn1e-9p1f-1fen | systemd: services with DynamicUser can create SUID/SGID binaries |
CVE-2019-3843
|
| VCID-sn9x-3yp1-2ke4 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16864
|
| VCID-t3bf-3486-wqh1 | systemd: kills privileged process if unprivileged PIDFile was tampered |
CVE-2018-16888
|
| VCID-tv9q-bzvp-sqb5 | systemd: privilege escalation via the less pager |
CVE-2023-26604
|
| VCID-ucz9-1m21-zbhc | systemd: Stack overflow in nss-mymachines |
CVE-2015-7510
|
| VCID-v7z5-xs49-r3ar | systemd: systemd: Denial of Service via malicious IPC API call with null element |
CVE-2026-40227
|
| VCID-vprj-j7u6-zbe7 | Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service. |
CVE-2023-50868
|
| VCID-vrsm-6j4m-cka4 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2019-6454
|
| VCID-w7ys-gs9d-m3f5 | systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits |
CVE-2020-13776
|
| VCID-yk9j-tm66-eyev | Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. |
CVE-2022-4415
|
| VCID-z5kr-1k65-hyh3 | systemd: automount: access to automounted volumes can lock up |
CVE-2018-1049
|