Nixpkgs security tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: python312Packages.systemd

Found 1 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-29111
5.5 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
created 1 month, 2 weeks ago Activity log
  • Created suggestion 1 month, 2 weeks ago
systemd: Local unprivileged user can trigger an assert

systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.

Affected products

systemd
  • ==>= 259, < 259.2
  • ==>= 239, < 257.11
  • ==>= 258, < 258.5

Matching in nixpkgs

pkgs.udev

System and service manager for Linux

  • nixos-unstable 259
    • nixpkgs-unstable 259
    • nixos-unstable-small 259.3
  • nixos-25.11 258.3
    • nixos-25.11-small 258.3
    • nixpkgs-25.11-darwin 258.3

pkgs.systemd

System and service manager for Linux

  • nixos-unstable 259
    • nixpkgs-unstable 259
    • nixos-unstable-small 259.3
  • nixos-25.11 258.3
    • nixos-25.11-small 258.3
    • nixpkgs-25.11-darwin 258.3

pkgs.systemdLibs

System and service manager for Linux

  • nixos-unstable 259
    • nixpkgs-unstable 259
    • nixos-unstable-small 259.3
  • nixos-25.11 258.3
    • nixos-25.11-small 258.3
    • nixpkgs-25.11-darwin 258.3

pkgs.systemdUkify

System and service manager for Linux

  • nixos-unstable 259
    • nixpkgs-unstable 259
    • nixos-unstable-small 259.3
  • nixos-25.11 258.3
    • nixos-25.11-small 258.3
    • nixpkgs-25.11-darwin 258.3

pkgs.systemd-netlogd

Forwards messages from the journal to other hosts over the network

pkgs.systemd-bootchart

Boot performance graphing tool from systemd

  • nixos-unstable 235
    • nixpkgs-unstable 235
    • nixos-unstable-small 235
  • nixos-25.11 235
    • nixos-25.11-small 235
    • nixpkgs-25.11-darwin 235

pkgs.ocamlPackages.systemd

OCaml module for native access to the systemd facilities

  • nixos-unstable 1.3
    • nixpkgs-unstable 1.3
    • nixos-unstable-small 1.3
  • nixos-25.11 1.3
    • nixos-25.11-small 1.3
    • nixpkgs-25.11-darwin 1.3

pkgs.update-systemd-resolved

Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus

pkgs.python313Packages.systemdunitparser

SystemdUnitParser is an extension to Python's configparser.RawConfigParser to properly parse systemd unit files

  • nixos-unstable 0.4
    • nixpkgs-unstable 0.4
    • nixos-unstable-small 0.4
  • nixos-25.11 0.4
    • nixos-25.11-small 0.4
    • nixpkgs-25.11-darwin 0.4