VDB

DEBIAN-CVE-2026-40224

DEBIAN-CVE-2026-40224 PUBLISHED CVSS 7.300000190734863 HIGH

In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.

Risk Scores

CVSS v3.1
7.300000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:14systemd0, 257.8-1~deb13u2, 258-1

Timeline

  • Apr 10, 2026 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›