Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE Enterprise Linux Micro 6.2 Systemd Major Vulnerability CVE-2026-4105

suse
Calendar Grey April 13, 2026
Dist Suse Esm H88
SUSE updates systemd to fix privilege escalation issues and more for Linux Micro 6.2.
An update that solves two vulnerabilities, contains one feature and has three fixes can now be installed.

Summary

## This update for systemd fixes the following issues: Update to systemd v257.13: Security issues: * CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). * CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). * udev: local root execution via malicious hardware devices and unsanitized kernel output (bsc#1259697). Non security issues: * Avoid shipping (empty) directories and ghost files in /var (jsc#PED-14853). * Sign systemd-boot EFI binary on aarch64 (bsc#1258344) * terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326) Changelog: * 6941d92dc2 machined: reject invalid class types when registering machines (bsc#1259650 CVE-2026-4105)

References

* bsc#1255326

* bsc#1258344

* bsc#1259418

* bsc#1259650

* bsc#1259697

* jsc#PED-14853

Cross-

* CVE-2026-29111

* CVE-2026-4105

CVSS scores:

* CVE-2026-29111 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-29111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-29111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-4105 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2026-4105 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2026-4105 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

* SUSE Linux Micro Extras 6.2

An update that solves two vulnerabilities, contains one feature and has three

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20998-1
Release Date: 2026-04-07T15:10:12Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here