9 matches found
Fedora 44 : haveged (2026-02b08daa05)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-02b08daa05 advisory. Update to 1.9.22 fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation Backport fix for CVE-2026-41054: privilege escalation via command...
Fedora 43 : haveged (2026-5d9b0e2c17)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5d9b0e2c17 advisory. Update to 1.9.22 fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation ---- Backport fix for CVE-2026-41054: privilege escalation via...
Debian dsa-6292 : haveged - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6292 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6292-1 [email protected] https://www.debian.org/security/...
CVE-2026-41054
In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...
ALPINE-CVE-2026-41054
In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...
CVE-2026-41054
creationtimestamp| type| source ---|---|--- 2026-05-19 12:47:53+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7gf7pxbp2e 2026-05-19 14:02:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7klht65r2b 2026-05-20 00:38:39+00:00| seen|...
Security update for haveged
This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...
Security update for haveged
This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...
Linux Distros Unpatched Vulnerability : CVE-2026-41054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the...