CVE-2026-44931

EUVD-2026-29921
The newly introduced  RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c  in
malcontent-timerd allows arbitrary users in the system to slowly fill up disk space
in /var/lib/malcontent-timerd
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
malcontent
bookworm
0.11.0-4
fixed
bullseye
0.10.0-2
fixed
forky
0.13.1-5
fixed
sid
0.13.1-5
fixed
trixie
0.13.0-2+deb13u1
fixed
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-44931
https://security.opensuse.org/2026/05/11/malcontent-disk-space-dos.html
http://www.openwall.com/lists/oss-security/2026/05/11/1