OESA-2026-2123

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2123

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2026-2123.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2026-2123

Upstream

CVE-2026-29111

Published

2026-05-03T09:55:18Z

Modified

2026-05-03T10:16:20.759775Z

Summary

systemd security update

Details

systemd is a system and service manager that runs as PID 1 and starts the rest of the system.

Security Fix(es):

systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.(CVE-2026-29111)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:22.03-LTS-SP4 / systemd

Package

Name: systemd
Purl: pkg:rpm/openEuler/systemd&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

249-113.oe2203sp4

Ecosystem specific

{
    "noarch": [
        "systemd-help-249-113.oe2203sp4.noarch.rpm"
    ],
    "aarch64": [
        "systemd-249-113.oe2203sp4.aarch64.rpm",
        "systemd-container-249-113.oe2203sp4.aarch64.rpm",
        "systemd-cryptsetup-249-113.oe2203sp4.aarch64.rpm",
        "systemd-debuginfo-249-113.oe2203sp4.aarch64.rpm",
        "systemd-debugsource-249-113.oe2203sp4.aarch64.rpm",
        "systemd-devel-249-113.oe2203sp4.aarch64.rpm",
        "systemd-libs-249-113.oe2203sp4.aarch64.rpm",
        "systemd-networkd-249-113.oe2203sp4.aarch64.rpm",
        "systemd-nspawn-249-113.oe2203sp4.aarch64.rpm",
        "systemd-pam-249-113.oe2203sp4.aarch64.rpm",
        "systemd-resolved-249-113.oe2203sp4.aarch64.rpm",
        "systemd-timesyncd-249-113.oe2203sp4.aarch64.rpm",
        "systemd-udev-249-113.oe2203sp4.aarch64.rpm"
    ],
    "x86_64": [
        "systemd-249-113.oe2203sp4.x86_64.rpm",
        "systemd-container-249-113.oe2203sp4.x86_64.rpm",
        "systemd-cryptsetup-249-113.oe2203sp4.x86_64.rpm",
        "systemd-debuginfo-249-113.oe2203sp4.x86_64.rpm",
        "systemd-debugsource-249-113.oe2203sp4.x86_64.rpm",
        "systemd-devel-249-113.oe2203sp4.x86_64.rpm",
        "systemd-libs-249-113.oe2203sp4.x86_64.rpm",
        "systemd-networkd-249-113.oe2203sp4.x86_64.rpm",
        "systemd-nspawn-249-113.oe2203sp4.x86_64.rpm",
        "systemd-pam-249-113.oe2203sp4.x86_64.rpm",
        "systemd-resolved-249-113.oe2203sp4.x86_64.rpm",
        "systemd-timesyncd-249-113.oe2203sp4.x86_64.rpm",
        "systemd-udev-249-113.oe2203sp4.x86_64.rpm"
    ],
    "src": [
        "systemd-249-113.oe2203sp4.src.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-2123.json"