Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

SUSE Linux 16.0 systemd Important Access Control Threat 2026-21144-1

suse
Calendar Grey April 21, 2026
Dist Suse Esm H88
Update addresses important vulnerabilities in SUSE systemd with feature improvements and security fixes to enhance system integrity.
An update that solves two vulnerabilities, contains one feature and has three fixes can now be installed.

Summary

## This update for systemd fixes the following issues: Update to systemd v257.13: Security issues: * CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). * CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). * udev: local root execution via malicious hardware devices and unsanitized kernel output (bsc#1259697). Non security issues: * Avoid shipping (empty) directories and ghost files in /var (jsc#PED-14853). * Sign systemd-boot EFI binary on aarch64 (bsc#1258344) * terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326) Changelog: * 6941d92dc2 machined: reject invalid class types when registering machines (bsc#1259650 CVE-2026-4105)

References

* bsc#1255326

* bsc#1258344

* bsc#1259418

* bsc#1259650

* bsc#1259697

* jsc#PED-14853

Cross-

* CVE-2026-29111

* CVE-2026-4105

CVSS scores:

* CVE-2026-29111 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-29111 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-29111 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-4105 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2026-4105 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2026-4105 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0

* SUSE Linux Enterprise Server for SAP applications 16.0

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21144-1
Release Date: 2026-04-07T15:17:05Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here