VulnerableCode Package Details - pkg:deb/debian/systemd@252.39-1~deb12u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-4eyp-2xve-qugd Aliases: CVE-2026-40226	In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.	254.26-1~bpo12+1 Affected by 0 other vulnerabilities. 260.1-1 Affected by 0 other vulnerabilities.
VCID-4n47-ffax-sbdu Aliases: CVE-2026-4105	systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method	254.26-1~bpo12+1 Affected by 0 other vulnerabilities. 260.1-1 Affected by 0 other vulnerabilities.
VCID-fp54-ff23-vbb5 Aliases: CVE-2026-29111	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data	254.26-1~bpo12+1 Affected by 0 other vulnerabilities. 260.1-1 Affected by 0 other vulnerabilities.
VCID-hwg6-vaus-cfa2 Aliases: CVE-2026-40225	In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.	254.26-1~bpo12+1 Affected by 0 other vulnerabilities. 260.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4eyp-2xve-qugd
Aliases:
CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

254.26-1~bpo12+1
Affected by 0 other vulnerabilities.

260.1-1
Affected by 0 other vulnerabilities.

VCID-4n47-ffax-sbdu
Aliases:
CVE-2026-4105

systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method

254.26-1~bpo12+1
Affected by 0 other vulnerabilities.

260.1-1
Affected by 0 other vulnerabilities.

VCID-fp54-ff23-vbb5
Aliases:
CVE-2026-29111

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

254.26-1~bpo12+1
Affected by 0 other vulnerabilities.

260.1-1
Affected by 0 other vulnerabilities.

VCID-hwg6-vaus-cfa2
Aliases:
CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

254.26-1~bpo12+1
Affected by 0 other vulnerabilities.

260.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-552s-n3yf-fkgq	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes	CVE-2023-7008
VCID-66sa-bc5p-jqde	Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.	CVE-2023-50387
VCID-86qy-wkqz-5qam	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump	CVE-2025-4598
VCID-cgv9-wdwy-5qfu	Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition.	CVE-2020-13529
VCID-vprj-j7u6-zbe7	Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.	CVE-2023-50868

Vulnerability

Summary

Aliases

VCID-552s-n3yf-fkgq

systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

CVE-2023-7008

VCID-66sa-bc5p-jqde

Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

CVE-2023-50387

VCID-86qy-wkqz-5qam

systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump

CVE-2025-4598

VCID-cgv9-wdwy-5qfu

Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition.

CVE-2020-13529

VCID-vprj-j7u6-zbe7

Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

CVE-2023-50868

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:12:41.036583+00:00	Debian Importer	Affected by	VCID-4eyp-2xve-qugd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T13:05:18.327842+00:00	Debian Importer	Affected by	VCID-fp54-ff23-vbb5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:34:21.381377+00:00	Debian Importer	Affected by	VCID-hwg6-vaus-cfa2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:24:37.395111+00:00	Debian Importer	Fixing	VCID-cgv9-wdwy-5qfu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:48:47.114140+00:00	Debian Importer	Affected by	VCID-4n47-ffax-sbdu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-15T22:01:58.996554+00:00	Debian Oval Importer	Fixing	VCID-86qy-wkqz-5qam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:12:11.162545+00:00	Debian Oval Importer	Fixing	VCID-552s-n3yf-fkgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:59:08.315582+00:00	Debian Oval Importer	Fixing	VCID-vprj-j7u6-zbe7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:36:56.542814+00:00	Debian Oval Importer	Fixing	VCID-66sa-bc5p-jqde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T09:05:36.601547+00:00	Debian Importer	Affected by	VCID-4eyp-2xve-qugd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:59:57.053795+00:00	Debian Importer	Affected by	VCID-fp54-ff23-vbb5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:22:32.632322+00:00	Debian Importer	Affected by	VCID-hwg6-vaus-cfa2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T21:40:09.056294+00:00	Debian Oval Importer	Fixing	VCID-86qy-wkqz-5qam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:52:02.121874+00:00	Debian Oval Importer	Fixing	VCID-552s-n3yf-fkgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:16:52.164664+00:00	Debian Importer	Fixing	VCID-cgv9-wdwy-5qfu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:55:16.452614+00:00	Debian Importer	Affected by	VCID-4n47-ffax-sbdu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T16:45:46.086623+00:00	Debian Oval Importer	Fixing	VCID-vprj-j7u6-zbe7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:24:51.984790+00:00	Debian Oval Importer	Fixing	VCID-66sa-bc5p-jqde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:18:08.141477+00:00	Debian Oval Importer	Fixing	VCID-86qy-wkqz-5qam	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:31:35.601114+00:00	Debian Oval Importer	Fixing	VCID-552s-n3yf-fkgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:59:14.169242+00:00	Debian Importer	Affected by	VCID-fp54-ff23-vbb5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T16:36:07.351139+00:00	Debian Oval Importer	Fixing	VCID-vprj-j7u6-zbe7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:19:21.238710+00:00	Debian Oval Importer	Fixing	VCID-66sa-bc5p-jqde	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-04T18:03:32.800646+00:00	Debian Importer	Fixing	VCID-cgv9-wdwy-5qfu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-04T17:07:49.478473+00:00	Debian Importer	Affected by	VCID-4n47-ffax-sbdu	https://security-tracker.debian.org/tracker/data/json	38.1.0