Red Hat alert RHSA-2026:13677-01 (systemd)

An update for systemd is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

The systemd packages contain systemd, a system and service manager for Linux,
compatible with the SysV and LSB init scripts. It provides aggressive
parallelism capabilities, uses socket and D-Bus activation for starting
services, offers on-demand starting of daemons, and keeps track of processes
using Linux cgroups. In addition, it supports snapshotting and restoring of
the system state, maintains mount and automount points, and implements an
elaborate transactional dependency-based service control logic. It can also
work as a drop-in replacement for sysvinit.

Security Fix(es):

* systemd: systemd: Arbitrary code execution or Denial of Service via
spurious IPC API call data (CVE-2026-29111)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0
International License (https://creativecommons.org/licenses/by/4.0/). If you
distribute this content, or a modified version of it, you must provide
attribution to Red Hat Inc. and provide a link to the original.

Original: https://access.redhat.com/security/data/csaf/v2/advisories/2026/rhsa-2026_13677.json