Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE Linux Micro 6.2 systemd Important Privilege Escalation CVE-2026-4105

suse
Calendar Grey April 13, 2026
Dist Suse Esm H88
An important update for SUSE systemd fixes security flaws allowing privilege escalation and local execution risks.
An update that solves two vulnerabilities, contains one feature and has three fixes can now be installed.

Summary

## This update for systemd fixes the following issues: Update to systemd v257.13: Security issues: * CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). * CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). * udev: local root execution via malicious hardware devices and unsanitized kernel output (bsc#1259697). Non security issues: * Avoid shipping (empty) directories and ghost files in /var (jsc#PED-14853). * Sign systemd-boot EFI binary on aarch64 (bsc#1258344) * terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326) Changelog: * 6941d92dc2 machined: reject invalid class types when registering machines (bsc#1259650 CVE-2026-4105)

References

* bsc#1255326

* bsc#1258344

* bsc#1259418

* bsc#1259650

* bsc#1259697

* jsc#PED-14853

Cross-

* CVE-2026-29111

* CVE-2026-4105

CVSS scores:

* CVE-2026-29111 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-29111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-29111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-4105 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2026-4105 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2026-4105 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves two vulnerabilities, contains one feature and has three

fixes can now be installed.

##

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21003-1
Release Date: 2026-04-07T15:08:39Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here