DescriptionA vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs1026831

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)buster, buster (security)241-7~deb10u8vulnerable
bookworm, sid252.5-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


[bullseye] - systemd <no-dsa> (Minor issue; can be fixed via point release)
[buster] - systemd <ignored> (Optional feature; disabled by default)
Preparation (main branch commit only):
Fixed by:
Fixed by: (v247.13)
Affects only v246 and newer (when acl support was enabled by default), and only if building with libacl support
Optional (disabled by default) faulty behaviour introduced by v215

Search for package or bug name: Reporting problems