Fluid Attacks Database

Description

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	systemd	=257.7-1 \|\| =257.8-1~deb13u1 \|\| =257.8-1~deb13u2 \|\| =257.9-1~deb13u1 \|\| =258-1 \|\| =258.1-1 \|\| =258.1-2 \|\| =258~rc1-1 \|\| =258~rc2-1 \|\| =258~rc2-2 \|\| =258~rc3-1 \|\| =258~rc4-1 \|\| =259-1 \|\| =259.1-1 \|\| =259~rc1-1 \|\| =259~rc2-1 \|\| =259~rc3-1 \|\| =260-1 \|\| =260~rc1-1 \|\| =260~rc1-2 \|\| =260~rc2-1 \|\| =260~rc3-1 \|\| =260~rc4-1 \|\| >=0 <260.1-1	260.1-1

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.