Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Fedora 44 : haveged (2026-02b08daa05)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-02b08daa05 advisory. Update to 1.9.22 fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation Backport fix for CVE-2026-41054: privilege escalation via command...

7.8CVSS5.6AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.9 views

Fedora 43 : haveged (2026-5d9b0e2c17)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5d9b0e2c17 advisory. Update to 1.9.22 fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation ---- Backport fix for CVE-2026-41054: privilege escalation via...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.16 views

Debian dsa-6292 : haveged - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6292 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6292-1 [email protected] https://www.debian.org/security/...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References5
NVD
NVD
added 2026/05/20 10:16 a.m.16 views

CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS0.00185EPSS
Exploits0References8
OSV
OSV
added 2026/05/20 10:16 a.m.10 views

ALPINE-CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS6AI score0.00185EPSS
Exploits0References1
Circl
Circl
added 2026/05/19 12:47 p.m.10 views

CVE-2026-41054

creationtimestamp| type| source ---|---|--- 2026-05-19 12:47:53+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7gf7pxbp2e 2026-05-19 14:02:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7klht65r2b 2026-05-20 00:38:39+00:00| seen|...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2026/05/19 11:55 a.m.10 views

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/05/19 11:55 a.m.7 views

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-41054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the...

7.8CVSS5.9AI score0.00185EPSS
Exploits0References3
Rows per page
Query Builder