[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-4105

Fri Mar 13 18:41:19 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a13483b by Salvatore Bonaccorso at 2026-03-13T19:40:22+01:00
Update status for CVE-2026-4105

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,11 @@
 CVE-2026-4105
 	- systemd 260~rc3-1
+	[trixie] - systemd <no-dsa> (Only exloitable with custom polkit policy that allows register-machine access)
+	[bookworm] - systemd <no-dsa> (Only exloitable with custom polkit policy that allows register-machine access)
 	NOTE: https://github.com/systemd/systemd/security/advisories/GHSA-4h6x-r8vx-3862
-	NOTE: https://github.com/systemd/systemd/commit/6df5f80bd374be1b45c52d740e88f0236da922c7 (v260-rc3)
+	NOTE: Introduced with: https://github.com/systemd/systemd/commit/fbe550738d03b178bb004a1390e74115e904118a (v225)
+	NOTE: Fixed by: https://github.com/systemd/systemd/commit/6df5f80bd374be1b45c52d740e88f0236da922c7 (v260-rc3)
+	NOTE: Fixed by: https://github.com/systemd/systemd/commit/497d0172416cbb5b70f96b95399d041407c223bd (v259.4)
 CVE-2026-2673 [openssl: Fix group tuple handling in DEFAULT expansion]
 	- openssl <unfixed>
 	[trixie] - openssl <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a13483b383c8f611fe71db5a4cb6239fdd1b0cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a13483b383c8f611fe71db5a4cb6239fdd1b0cd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260313/19db7a5c/attachment.htm>
