{"id":"USN-8119-1","summary":"systemd vulnerabilities","details":"It was discovered that systemd incorrectly handled certain cgroup paths.\nA local attacker could possibly use this issue to cause systemd to crash,\nresulting in a denial of service. (CVE-2026-29111)\n\nIt was discovered that the systemd udev component incorrectly handled\ncertain fields received from the kernel. An attacker with a malicious\ndevice could possibly use this issue to execute arbitrary code as an\nadministrator (root).","modified":"2026-06-05T19:59:15.322110691Z","published":"2026-03-23T20:16:04Z","related":["UBUNTU-CVE-2026-29111","UBUNTU-CVE-2026-40225"],"upstream":["CVE-2026-29111","UBUNTU-CVE-2026-29111"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8119-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-29111"}],"affected":[{"package":{"name":"systemd","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/systemd@249.11-0ubuntu3.19?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"249.11-0ubuntu3.19"}]}],"versions":["248.3-1ubuntu8","249.5-2ubuntu1","249.5-2ubuntu2","249.5-2ubuntu3","249.5-2ubuntu4","249.9-0ubuntu2","249.10-0ubuntu1","249.10-0ubuntu2","249.11-0ubuntu1","249.11-0ubuntu2","249.11-0ubuntu3","249.11-0ubuntu3.1","249.11-0ubuntu3.3","249.11-0ubuntu3.4","249.11-0ubuntu3.6","249.11-0ubuntu3.7","249.11-0ubuntu3.9","249.11-0ubuntu3.10","249.11-0ubuntu3.11","249.11-0ubuntu3.12","249.11-0ubuntu3.15","249.11-0ubuntu3.16","249.11-0ubuntu3.17"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libnss-myhostname","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libnss-mymachines","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libnss-resolve","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libnss-systemd","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libpam-systemd","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libsystemd0","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"libudev1","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-container","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-coredump","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-journal-remote","binary_version":"249.11-0ubuntu3.19"},{"binary_version":"249.11-0ubuntu3.19","binary_name":"systemd-oomd"},{"binary_name":"systemd-repart","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-standalone-sysusers","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-standalone-tmpfiles","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-sysv","binary_version":"249.11-0ubuntu3.19"},{"binary_name":"systemd-tests","binary_version":"249.11-0ubuntu3.19"},{"binary_version":"249.11-0ubuntu3.19","binary_name":"systemd-timesyncd"},{"binary_name":"udev","binary_version":"249.11-0ubuntu3.19"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2026-29111","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8119-1.json"}},{"package":{"name":"systemd","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/systemd@255.4-1ubuntu8.14?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"255.4-1ubuntu8.14"}]}],"versions":["253.5-1ubuntu6","253.5-1ubuntu7","255.2-3ubuntu2","255.4-1ubuntu5","255.4-1ubuntu6","255.4-1ubuntu7","255.4-1ubuntu8","255.4-1ubuntu8.1","255.4-1ubuntu8.2","255.4-1ubuntu8.4","255.4-1ubuntu8.5","255.4-1ubuntu8.6","255.4-1ubuntu8.8","255.4-1ubuntu8.10","255.4-1ubuntu8.11","255.4-1ubuntu8.12"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libnss-myhostname","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"libnss-mymachines"},{"binary_name":"libnss-resolve","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"libnss-systemd","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"libpam-systemd"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"libsystemd-shared"},{"binary_name":"libsystemd0","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"libudev1"},{"binary_name":"systemd","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-boot","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-boot-efi","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-container","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-coredump","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-homed","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-journal-remote","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"systemd-oomd"},{"binary_name":"systemd-resolved","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-standalone-sysusers","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"systemd-standalone-tmpfiles"},{"binary_name":"systemd-sysv","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-tests","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-timesyncd","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-ukify","binary_version":"255.4-1ubuntu8.14"},{"binary_name":"systemd-userdbd","binary_version":"255.4-1ubuntu8.14"},{"binary_version":"255.4-1ubuntu8.14","binary_name":"udev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8119-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-29111"}],"ecosystem":"Ubuntu:24.04:LTS"}}},{"package":{"name":"systemd","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/systemd@257.9-0ubuntu2.3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"257.9-0ubuntu2.3"}]}],"versions":["257.4-1ubuntu3","257.6-1ubuntu1","257.7-1ubuntu1","257.7-1ubuntu3","257.8-0ubuntu2","257.9-0ubuntu1","257.9-0ubuntu2","257.9-0ubuntu2.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"257.9-0ubuntu2.3","binary_name":"libnss-myhostname"},{"binary_name":"libnss-mymachines","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"libnss-resolve","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"libnss-systemd","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"libpam-systemd","binary_version":"257.9-0ubuntu2.3"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"libsystemd-shared"},{"binary_name":"libsystemd0","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"libudev1","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd","binary_version":"257.9-0ubuntu2.3"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"systemd-boot"},{"binary_name":"systemd-boot-efi","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-boot-tools","binary_version":"257.9-0ubuntu2.3"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"systemd-container"},{"binary_name":"systemd-coredump","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-cryptsetup","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-homed","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-journal-remote","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-oomd","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-repart","binary_version":"257.9-0ubuntu2.3"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"systemd-resolved"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"systemd-standalone-shutdown"},{"binary_name":"systemd-standalone-sysusers","binary_version":"257.9-0ubuntu2.3"},{"binary_version":"257.9-0ubuntu2.3","binary_name":"systemd-standalone-tmpfiles"},{"binary_name":"systemd-sysv","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-tests","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-timesyncd","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-ukify","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"systemd-userdbd","binary_version":"257.9-0ubuntu2.3"},{"binary_name":"udev","binary_version":"257.9-0ubuntu2.3"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.10","cves":[{"id":"CVE-2026-29111","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8119-1.json"}}],"schema_version":"1.7.5"}