PT-2026-31987 · Systemd · Systemd
Aaron Rainbolt
·
Published
2026-04-10
·
Updated
2026-05-05
·
CVE-2026-40228
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
systemd version 259
Description
In systemd 259, the
systemd-journald component can transmit ANSI escape sequences to the terminals of arbitrary users when a 'logger -p emerg' command is executed, provided that ForwardToWall=yes is configured. This can potentially lead to unexpected behavior or display manipulation for users.Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider setting
ForwardToWall=no in the systemd configuration to prevent the transmission of ANSI escape sequences to all user terminals.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Systemd