Explore top 10 tips to secure your open-source projects now. Read More
×An update that contains two features and has 12 fixes can now be installed.. # Security update for systemd Announcement ID: SUSE-SU-2026:22537-1 Release Date: 2026-07-03T08:47:49Z Rating: important References: * bsc#1245551 * bsc#1248261 * bsc#1251948 * bsc#1254924 * bsc#1259071 * bsc#1260357 * bsc#1261982 * bsc#1261983 * bsc#1262305 * bsc#1263117 * bsc#1267644 * bsc#1267647 * jsc#PED-15946 * jsc#PED-8812 Affected Products: * SUSE Linux Micro 6.2 * SUSE Linux Micro Extras 6.2 An update that contains two features and has 12 fixes can now be installed. ## Description: This update for systemd fixes the following issues: Changes in systemd: * Better handle TLS allocation failure (bsc#1254924). * Disable mounting `debugfs` by default (jsc#PED-8812). * Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 (bsc#1267647 bsc#1267644 bsc#1262305 bsc#1263117). * Move `systemd-pcrlock` out from the experimental sub-package to `udev` (bsc#1248261 jsc#PED-15946). * Add a weak runtime dependency on `libtss2-tcti-device0` (bsc#1260357). * Import commit 59336000ef7850eba0963c6a690ff3371c425929 (bsc#1261982 bsc#1261983). * Add a weak runtime dependency on `polkit` (bsc#1259071). * systemd-update-helper: fix the clean-state command only removing `$STATE_DIR/system` instead of `$STATE_DIR/`. * systemd-update-helper: add `--root` option for testing convenience. * systemd-update-helper: fix incorrect skipping of `systemctl disable` during package removal (bsc#1245551). * systemd-update-helper: fix `do_install_units()` incorrectly returning 1 when no units need preset. * systemd.spec: introduce `%bcond_without` docs to allow skipping man pages and `devel-doc`. * systemd.spec: drop the `%{release}` number from the SBAT version (bsc#1251948). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommendedinstallation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.2 zypper in -t patch SUSE-SLE-Micro-Extras-6.2-1151=1 ## Package List: * SUSE Linux Micro Extras 6.2 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-257.13-160000.2.1 * systemd-devel-257.13-160000.2.1 * systemd-debuginfo-257.13-160000.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1245551 * https://bugzilla.suse.com/show_bug.cgi?id=1248261 * https://bugzilla.suse.com/show_bug.cgi?id=1251948 * https://bugzilla.suse.com/show_bug.cgi?id=1254924 * https://bugzilla.suse.com/show_bug.cgi?id=1259071 * https://bugzilla.suse.com/show_bug.cgi?id=1260357 * https://bugzilla.suse.com/show_bug.cgi?id=1261982 * https://bugzilla.suse.com/show_bug.cgi?id=1261983 * https://bugzilla.suse.com/show_bug.cgi?id=1262305 * https://bugzilla.suse.com/show_bug.cgi?id=1263117 * https://bugzilla.suse.com/show_bug.cgi?id=1267644 * https://bugzilla.suse.com/show_bug.cgi?id=1267647 * https://jira.suse.com/browse/PED-15946 * https://jira.suse.com/browse/PED-8812 . SUSE issues important security update for systemd addressing various issues with fixes and improved functionality.. SUSE systemd update security fixes, importance of system updates, systemd functionality improvement. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability and has three security fixes can now be installed.. # Security update for systemd Announcement ID: SUSE-SU-2026:2809-1 Release Date: 2026-07-09T06:08:36Z Rating: moderate References: * bsc#1261400 * bsc#1261982 * bsc#1261983 * bsc#1267647 Cross-References: * CVE-2026-40226 CVSS scores: * CVE-2026-40226 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40226 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40226 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for systemd fixes the following issue Security issues fixed: * CVE-2026-40226: nspawn: escape-to-host via malformed optional config file (bsc#1261400). Other updates and bugfixes: * Import commit 37508f8ec1 (bsc#1267647). * Import commit c7530fbea3 (bsc#1261982 bsc#1261983). * Import commit 5c4ed461a7 (bsc#1261982). * Import commit 4b963df038 (bsc#1261983). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2809=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2809=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2809=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patchSUSE-SLE-Micro-5.3-2026-2809=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2809=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2809=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-mini-doc-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * libudev-mini1-249.17-150400.8.64.1 * nss-systemd-249.17-150400.8.64.1 * systemd-mini-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 *udev-mini-debuginfo-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libudev-mini1-debuginfo-249.17-150400.8.64.1 * systemd-portable-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libsystemd0-mini-debuginfo-249.17-150400.8.64.1 * systemd-experimental-249.17-150400.8.64.1 * systemd-testsuite-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-mini-devel-249.17-150400.8.64.1 * systemd-coredump-debuginfo-249.17-150400.8.64.1 * systemd-mini-container-debuginfo-249.17-150400.8.64.1 * systemd-network-debuginfo-249.17-150400.8.64.1 * systemd-mini-debuginfo-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * systemd-devel-249.17-150400.8.64.1 * nss-systemd-debuginfo-249.17-150400.8.64.1 * systemd-experimental-debuginfo-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * udev-mini-249.17-150400.8.64.1 * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * systemd-testsuite-debuginfo-249.17-150400.8.64.1 * systemd-mini-debugsource-249.17-150400.8.64.1 * systemd-mini-sysvinit-249.17-150400.8.64.1 * systemd-coredump-249.17-150400.8.64.1 * nss-myhostname-249.17-150400.8.64.1 * systemd-doc-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-mini-container-249.17-150400.8.64.1 * nss-myhostname-debuginfo-249.17-150400.8.64.1 * systemd-portable-debuginfo-249.17-150400.8.64.1 * libsystemd0-mini-249.17-150400.8.64.1 * systemd-network-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * openSUSE Leap 15.4 (x86_64) * nss-myhostname-32bit-debuginfo-249.17-150400.8.64.1 * libudev1-32bit-249.17-150400.8.64.1 * libudev1-32bit-debuginfo-249.17-150400.8.64.1 * nss-myhostname-32bit-249.17-150400.8.64.1 * systemd-32bit-249.17-150400.8.64.1 * systemd-32bit-debuginfo-249.17-150400.8.64.1 *libsystemd0-32bit-debuginfo-249.17-150400.8.64.1 * libsystemd0-32bit-249.17-150400.8.64.1 * openSUSE Leap 15.4 (aarch64_ilp32) * nss-myhostname-64bit-debuginfo-249.17-150400.8.64.1 * systemd-64bit-debuginfo-249.17-150400.8.64.1 * libudev1-64bit-249.17-150400.8.64.1 * systemd-64bit-249.17-150400.8.64.1 * nss-myhostname-64bit-249.17-150400.8.64.1 * libudev1-64bit-debuginfo-249.17-150400.8.64.1 * libsystemd0-64bit-249.17-150400.8.64.1 * libsystemd0-64bit-debuginfo-249.17-150400.8.64.1 * openSUSE Leap 15.4 (noarch) * systemd-lang-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40226.html * https://bugzilla.suse.com/show_bug.cgi?id=1261400 * https://bugzilla.suse.com/show_bug.cgi?id=1261982 * https://bugzilla.suse.com/show_bug.cgi?id=1261983 * https://bugzilla.suse.com/show_bug.cgi?id=1267647 . A systemd update for openSUSE addresses one escape vulnerability and three security fixes to enhance system security.. systemd update, openSUSE vulnerability, security fixes, package management, moderate severity. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability and has three security fixes can now be installed.. # Security update for systemd Announcement ID: SUSE-SU-2026:2809-1 Release Date: 2026-07-09T06:08:36Z Rating: moderate References: * bsc#1261400 * bsc#1261982 * bsc#1261983 * bsc#1267647 Cross-References: * CVE-2026-40226 CVSS scores: * CVE-2026-40226 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40226 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40226 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for systemd fixes the following issue Security issues fixed: * CVE-2026-40226: nspawn: escape-to-host via malformed optional config file (bsc#1261400). Other updates and bugfixes: * Import commit 37508f8ec1 (bsc#1267647). * Import commit c7530fbea3 (bsc#1261982 bsc#1261983). * Import commit 5c4ed461a7 (bsc#1261982). * Import commit 4b963df038 (bsc#1261983). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2809=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2809=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2809=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patchSUSE-SLE-Micro-5.3-2026-2809=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2809=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2809=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-mini-doc-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * libudev-mini1-249.17-150400.8.64.1 * nss-systemd-249.17-150400.8.64.1 * systemd-mini-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 *udev-mini-debuginfo-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libudev-mini1-debuginfo-249.17-150400.8.64.1 * systemd-portable-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libsystemd0-mini-debuginfo-249.17-150400.8.64.1 * systemd-experimental-249.17-150400.8.64.1 * systemd-testsuite-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-mini-devel-249.17-150400.8.64.1 * systemd-coredump-debuginfo-249.17-150400.8.64.1 * systemd-mini-container-debuginfo-249.17-150400.8.64.1 * systemd-network-debuginfo-249.17-150400.8.64.1 * systemd-mini-debuginfo-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * systemd-devel-249.17-150400.8.64.1 * nss-systemd-debuginfo-249.17-150400.8.64.1 * systemd-experimental-debuginfo-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * udev-mini-249.17-150400.8.64.1 * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * systemd-testsuite-debuginfo-249.17-150400.8.64.1 * systemd-mini-debugsource-249.17-150400.8.64.1 * systemd-mini-sysvinit-249.17-150400.8.64.1 * systemd-coredump-249.17-150400.8.64.1 * nss-myhostname-249.17-150400.8.64.1 * systemd-doc-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-mini-container-249.17-150400.8.64.1 * nss-myhostname-debuginfo-249.17-150400.8.64.1 * systemd-portable-debuginfo-249.17-150400.8.64.1 * libsystemd0-mini-249.17-150400.8.64.1 * systemd-network-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * openSUSE Leap 15.4 (x86_64) * nss-myhostname-32bit-debuginfo-249.17-150400.8.64.1 * libudev1-32bit-249.17-150400.8.64.1 * libudev1-32bit-debuginfo-249.17-150400.8.64.1 * nss-myhostname-32bit-249.17-150400.8.64.1 * systemd-32bit-249.17-150400.8.64.1 * systemd-32bit-debuginfo-249.17-150400.8.64.1 *libsystemd0-32bit-debuginfo-249.17-150400.8.64.1 * libsystemd0-32bit-249.17-150400.8.64.1 * openSUSE Leap 15.4 (aarch64_ilp32) * nss-myhostname-64bit-debuginfo-249.17-150400.8.64.1 * systemd-64bit-debuginfo-249.17-150400.8.64.1 * libudev1-64bit-249.17-150400.8.64.1 * systemd-64bit-249.17-150400.8.64.1 * nss-myhostname-64bit-249.17-150400.8.64.1 * libudev1-64bit-debuginfo-249.17-150400.8.64.1 * libsystemd0-64bit-249.17-150400.8.64.1 * libsystemd0-64bit-debuginfo-249.17-150400.8.64.1 * openSUSE Leap 15.4 (noarch) * systemd-lang-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * systemd-journal-remote-debuginfo-249.17-150400.8.64.1 * udev-249.17-150400.8.64.1 * systemd-sysvinit-249.17-150400.8.64.1 * systemd-container-249.17-150400.8.64.1 * systemd-debugsource-249.17-150400.8.64.1 * systemd-debuginfo-249.17-150400.8.64.1 * systemd-container-debuginfo-249.17-150400.8.64.1 * systemd-journal-remote-249.17-150400.8.64.1 * udev-debuginfo-249.17-150400.8.64.1 * libsystemd0-249.17-150400.8.64.1 * libudev1-debuginfo-249.17-150400.8.64.1 * libsystemd0-debuginfo-249.17-150400.8.64.1 * libudev1-249.17-150400.8.64.1 * systemd-249.17-150400.8.64.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40226.html * https://bugzilla.suse.com/show_bug.cgi?id=1261400 * https://bugzilla.suse.com/show_bug.cgi?id=1261982 * https://bugzilla.suse.com/show_bug.cgi?id=1261983 * https://bugzilla.suse.com/show_bug.cgi?id=1267647 . This update addresses a crucial issue in systemd on SUSE with moderate severity, advised for immediate installation.. SUSE Security Update, systemd Vulnerability, SUSE Linux Security Update. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability and has three security fixes can now be installed.. # Security update for systemd, systemd-mini Announcement ID: SUSE-SU-2026:2785-1 Release Date: 2026-07-08T06:48:14Z Rating: moderate References: * bsc#1261400 * bsc#1261982 * bsc#1261983 * bsc#1267647 Cross-References: * CVE-2026-40226 CVSS scores: * CVE-2026-40226 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40226 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40226 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for systemd, systemd-mini fixes the following issue Security issues fixed: * CVE-2026-40226: nspawn: escape-to-host via malformed optional config file (bsc#1261400). Other updates and bugfixes: * Import commit eba1930de8 (bsc#1267647). * Import commit 5d46cdd987 (bsc#1261982 bsc#1261983). * Import commit ac1173932c (bsc#1261982). * Import commit c7f3e89374 (bsc#1261983). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2785=1 ## Package List: * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 * systemd-mini-246.16-150300.7.74.1 *udev-mini-246.16-150300.7.74.1 * systemd-portable-246.16-150300.7.74.1 * systemd-mini-devel-246.16-150300.7.74.1 * systemd-coredump-debuginfo-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * nss-mymachines-debuginfo-246.16-150300.7.74.1 * udev-mini-debuginfo-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-network-debuginfo-246.16-150300.7.74.1 * systemd-mini-debuginfo-246.16-150300.7.74.1 * nss-systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-coredump-246.16-150300.7.74.1 * libsystemd0-mini-246.16-150300.7.74.1 * systemd-devel-246.16-150300.7.74.1 * nss-resolve-246.16-150300.7.74.1 * libudev-devel-246.16-150300.7.74.1 * libsystemd0-mini-debuginfo-246.16-150300.7.74.1 * nss-myhostname-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * systemd-mini-sysvinit-246.16-150300.7.74.1 * systemd-doc-246.16-150300.7.74.1 * systemd-mini-container-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * nss-systemd-246.16-150300.7.74.1 * libudev-mini1-246.16-150300.7.74.1 * systemd-network-246.16-150300.7.74.1 * nss-resolve-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * nss-mymachines-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 * nss-myhostname-debuginfo-246.16-150300.7.74.1 * libudev-mini-devel-246.16-150300.7.74.1 * systemd-debugsource-246.16-150300.7.74.1 * systemd-mini-container-debuginfo-246.16-150300.7.74.1 * systemd-logger-246.16-150300.7.74.1 * libudev-mini1-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-mini-debugsource-246.16-150300.7.74.1 * systemd-portable-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3(aarch64_ilp32) * libsystemd0-64bit-debuginfo-246.16-150300.7.74.1 * libsystemd0-64bit-246.16-150300.7.74.1 * libudev-devel-64bit-246.16-150300.7.74.1 * nss-mymachines-64bit-246.16-150300.7.74.1 * nss-myhostname-64bit-246.16-150300.7.74.1 * nss-mymachines-64bit-debuginfo-246.16-150300.7.74.1 * systemd-64bit-246.16-150300.7.74.1 * nss-myhostname-64bit-debuginfo-246.16-150300.7.74.1 * libudev1-64bit-debuginfo-246.16-150300.7.74.1 * libudev1-64bit-246.16-150300.7.74.1 * systemd-64bit-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3 (x86_64) * libsystemd0-32bit-246.16-150300.7.74.1 * libudev1-32bit-246.16-150300.7.74.1 * libudev-devel-32bit-246.16-150300.7.74.1 * nss-mymachines-32bit-246.16-150300.7.74.1 * nss-myhostname-32bit-246.16-150300.7.74.1 * systemd-32bit-debuginfo-246.16-150300.7.74.1 * libsystemd0-32bit-debuginfo-246.16-150300.7.74.1 * nss-mymachines-32bit-debuginfo-246.16-150300.7.74.1 * systemd-32bit-246.16-150300.7.74.1 * nss-myhostname-32bit-debuginfo-246.16-150300.7.74.1 * libudev1-32bit-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3 (noarch) * systemd-lang-246.16-150300.7.74.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 * systemd-debugsource-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 *systemd-debugsource-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40226.html * https://bugzilla.suse.com/show_bug.cgi?id=1261400 * https://bugzilla.suse.com/show_bug.cgi?id=1261982 * https://bugzilla.suse.com/show_bug.cgi?id=1261983 * https://bugzilla.suse.com/show_bug.cgi?id=1267647 . # Security update for systemd, systemd-mini Announcement ID: SUSE-SU-2026:2785-1 Release Date: 2026-. update, solves, vulnerability, three, security, fixes, installed, securit. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability and has three security fixes can now be installed.. # Security update for systemd, systemd-mini Announcement ID: SUSE-SU-2026:2785-1 Release Date: 2026-07-08T06:48:14Z Rating: moderate References: * bsc#1261400 * bsc#1261982 * bsc#1261983 * bsc#1267647 Cross-References: * CVE-2026-40226 CVSS scores: * CVE-2026-40226 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40226 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40226 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for systemd, systemd-mini fixes the following issue Security issues fixed: * CVE-2026-40226: nspawn: escape-to-host via malformed optional config file (bsc#1261400). Other updates and bugfixes: * Import commit eba1930de8 (bsc#1267647). * Import commit 5d46cdd987 (bsc#1261982 bsc#1261983). * Import commit ac1173932c (bsc#1261982). * Import commit c7f3e89374 (bsc#1261983). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-2785=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2785=1 ## Package List: * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 * systemd-mini-246.16-150300.7.74.1 *udev-mini-246.16-150300.7.74.1 * systemd-portable-246.16-150300.7.74.1 * systemd-mini-devel-246.16-150300.7.74.1 * systemd-coredump-debuginfo-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * nss-mymachines-debuginfo-246.16-150300.7.74.1 * udev-mini-debuginfo-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-network-debuginfo-246.16-150300.7.74.1 * systemd-mini-debuginfo-246.16-150300.7.74.1 * nss-systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-coredump-246.16-150300.7.74.1 * libsystemd0-mini-246.16-150300.7.74.1 * systemd-devel-246.16-150300.7.74.1 * nss-resolve-246.16-150300.7.74.1 * libudev-devel-246.16-150300.7.74.1 * libsystemd0-mini-debuginfo-246.16-150300.7.74.1 * nss-myhostname-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * systemd-mini-sysvinit-246.16-150300.7.74.1 * systemd-doc-246.16-150300.7.74.1 * systemd-mini-container-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * nss-systemd-246.16-150300.7.74.1 * libudev-mini1-246.16-150300.7.74.1 * systemd-network-246.16-150300.7.74.1 * nss-resolve-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * nss-mymachines-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 * nss-myhostname-debuginfo-246.16-150300.7.74.1 * libudev-mini-devel-246.16-150300.7.74.1 * systemd-debugsource-246.16-150300.7.74.1 * systemd-mini-container-debuginfo-246.16-150300.7.74.1 * systemd-logger-246.16-150300.7.74.1 * libudev-mini1-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-mini-debugsource-246.16-150300.7.74.1 * systemd-portable-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3(aarch64_ilp32) * libsystemd0-64bit-debuginfo-246.16-150300.7.74.1 * libsystemd0-64bit-246.16-150300.7.74.1 * libudev-devel-64bit-246.16-150300.7.74.1 * nss-mymachines-64bit-246.16-150300.7.74.1 * nss-myhostname-64bit-246.16-150300.7.74.1 * nss-mymachines-64bit-debuginfo-246.16-150300.7.74.1 * systemd-64bit-246.16-150300.7.74.1 * nss-myhostname-64bit-debuginfo-246.16-150300.7.74.1 * libudev1-64bit-debuginfo-246.16-150300.7.74.1 * libudev1-64bit-246.16-150300.7.74.1 * systemd-64bit-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3 (x86_64) * libsystemd0-32bit-246.16-150300.7.74.1 * libudev1-32bit-246.16-150300.7.74.1 * libudev-devel-32bit-246.16-150300.7.74.1 * nss-mymachines-32bit-246.16-150300.7.74.1 * nss-myhostname-32bit-246.16-150300.7.74.1 * systemd-32bit-debuginfo-246.16-150300.7.74.1 * libsystemd0-32bit-debuginfo-246.16-150300.7.74.1 * nss-mymachines-32bit-debuginfo-246.16-150300.7.74.1 * systemd-32bit-246.16-150300.7.74.1 * nss-myhostname-32bit-debuginfo-246.16-150300.7.74.1 * libudev1-32bit-debuginfo-246.16-150300.7.74.1 * openSUSE Leap 15.3 (noarch) * systemd-lang-246.16-150300.7.74.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 * systemd-debugsource-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * systemd-sysvinit-246.16-150300.7.74.1 *systemd-debugsource-246.16-150300.7.74.1 * systemd-246.16-150300.7.74.1 * libsystemd0-debuginfo-246.16-150300.7.74.1 * libsystemd0-246.16-150300.7.74.1 * udev-246.16-150300.7.74.1 * systemd-container-246.16-150300.7.74.1 * systemd-journal-remote-debuginfo-246.16-150300.7.74.1 * libudev1-246.16-150300.7.74.1 * udev-debuginfo-246.16-150300.7.74.1 * systemd-container-debuginfo-246.16-150300.7.74.1 * systemd-debuginfo-246.16-150300.7.74.1 * libudev1-debuginfo-246.16-150300.7.74.1 * systemd-journal-remote-246.16-150300.7.74.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40226.html * https://bugzilla.suse.com/show_bug.cgi?id=1261400 * https://bugzilla.suse.com/show_bug.cgi?id=1261982 * https://bugzilla.suse.com/show_bug.cgi?id=1261983 * https://bugzilla.suse.com/show_bug.cgi?id=1267647 . A security update for SUSE addresses a moderate issue in systemd with fixes for one vulnerability and other improvements.. SUSE Linux security update, systemd vulnerability fix, openSUSE security advisory. . Severity: moderate. LinuxSecurity.com Team
-------------------------------------------------------------. openSUSE security update: security update for systemd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21222-1 Rating: important References: * bsc#1245551 * bsc#1248261 * bsc#1251948 * bsc#1254924 * bsc#1259071 * bsc#1260357 * bsc#1261982 * bsc#1261983 * bsc#1262305 * bsc#1263117 * bsc#1267644 * bsc#1267647 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that has 12 bug fixes can now be installed. Description: This update for systemd fixes the following issues: Changes in systemd: - Better handle TLS allocation failure (bsc#1254924). - Disable mounting `debugfs` by default (jsc#PED-8812). - Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 (bsc#1267647 bsc#1267644 bsc#1262305 bsc#1263117). - Move `systemd-pcrlock` out from the experimental sub-package to `udev` (bsc#1248261 jsc#PED-15946). - Add a weak runtime dependency on `libtss2-tcti-device0` (bsc#1260357). - Import commit 59336000ef7850eba0963c6a690ff3371c425929 (bsc#1261982 bsc#1261983). - Add a weak runtime dependency on `polkit` (bsc#1259071). - systemd-update-helper: fix the clean-state command only removing `$STATE_DIR/system` instead of `$STATE_DIR/`. - systemd-update-helper: add `--root` option for testing convenience. - systemd-update-helper: fix incorrect skipping of `systemctl disable` during package removal (bsc#1245551). - systemd-update-helper: fix `do_install_units()` incorrectly returning 1 when no units need preset. - systemd.spec: introduce `%bcond_without` docs to allow skipping man pages and `devel-doc`. - systemd.spec: drop the `%{release}` number from the SBAT version (bsc#1251948). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSELeap 16.0 zypper in -t patch openSUSE-Leap-16.0-1151=1 Package List: - openSUSE Leap 16.0: libsystemd0-257.13-160000.2.1 libudev1-257.13-160000.2.1 systemd-257.13-160000.2.1 systemd-boot-257.13-160000.2.1 systemd-container-257.13-160000.2.1 systemd-devel-257.13-160000.2.1 systemd-doc-257.13-160000.2.1 systemd-experimental-257.13-160000.2.1 systemd-homed-257.13-160000.2.1 systemd-journal-remote-257.13-160000.2.1 systemd-lang-257.13-160000.2.1 systemd-mini-experimental-257.13-160000.2.1 systemd-networkd-257.13-160000.2.1 systemd-portable-257.13-160000.2.1 systemd-resolved-257.13-160000.2.1 systemd-testsuite-257.13-160000.2.1 udev-257.13-160000.2.1 . Systemd update for openSUSE addresses important issues with multiple bug fixes and critical improvements for stability.. systemd update, openSUSE patch, security advisory, bug fix. . Severity: Important. LinuxSecurity.com Team
Several security issues were fixed in systemd.. ========================================================================== Ubuntu Security Notice USN-8402-1 June 08, 2026 systemd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in systemd. Software Description: - systemd: system and service manager Details: It was discovered that systemd-nspawn incorrectly handled certain optional configuration files. A local attacker could possibly use this issue to escape to the host system and execute arbitrary code. (CVE-2026-40226) It was discovered that systemd-resolved incorrectly validated DNSSEC records for signed domains. An attacker could possibly use this issue to manipulate DNS records. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-7008) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libsystemd0 257.9-0ubuntu2.5 libudev1 257.9-0ubuntu2.5 systemd 257.9-0ubuntu2.5 udev 257.9-0ubuntu2.5 Ubuntu 24.04 LTS libsystemd0 255.4-1ubuntu8.16 libudev1 255.4-1ubuntu8.16 systemd 255.4-1ubuntu8.16 udev 255.4-1ubuntu8.16 Ubuntu 22.04 LTS libnss-resolve 249.11-0ubuntu3.21 libsystemd0 249.11-0ubuntu3.21 libudev1 249.11-0ubuntu3.21 systemd 249.11-0ubuntu3.21 udev 249.11-0ubuntu3.21 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8402-1 CVE-2023-7008, CVE-2026-40226 Package Information: https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5 https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.16 https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.21 . Several security issues in systemd for Ubuntu fixed, including critical authentication flaws affecting system integrity.. Ubuntu systemd security issues, systemd vulnerabilities, software update Ubuntu. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in systemd.. ========================================================================== Ubuntu Security Notice USN-8402-1 June 08, 2026 systemd vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in systemd. Software Description: - systemd: system and service manager Details: It was discovered that systemd-nspawn incorrectly handled certain optional configuration files. A local attacker could possibly use this issue to escape to the host system and execute arbitrary code. (CVE-2026-40226) It was discovered that systemd-resolved incorrectly validated DNSSEC records for signed domains. An attacker could possibly use this issue to manipulate DNS records. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-7008) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libsystemd0 257.9-0ubuntu2.5 libudev1 257.9-0ubuntu2.5 systemd 257.9-0ubuntu2.5 udev 257.9-0ubuntu2.5 Ubuntu 24.04 LTS libsystemd0 255.4-1ubuntu8.16 libudev1 255.4-1ubuntu8.16 systemd 255.4-1ubuntu8.16 udev 255.4-1ubuntu8.16 Ubuntu 22.04 LTS libnss-resolve 249.11-0ubuntu3.21 libsystemd0 249.11-0ubuntu3.21 libudev1 249.11-0ubuntu3.21 systemd 249.11-0ubuntu3.21 udev 249.11-0ubuntu3.21 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8402-1 CVE-2023-7008, CVE-2026-40226 Package Information: https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5 https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.16 https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.21 . Several security issues in Ubuntu's systemd fixed with necessary updates. Critical threats addressed for local attack scenarios.. Ubuntu systemd patch, systemd security, Ubuntu security update. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.