CVE-2025-32022 Finit has heap based buffer overwrite in urandom.so plugin

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

PT-2025-18214 · Finit +1 · Finit +1

Name of the Vulnerable Software and Affected Versions: Finit versions 3.0-rc1 through 4.11 Description: Finit is a fast init for Linux systems. The issue concerns the implementation of getty for the tty configuration directive, which can bypass /bin/login, allowing a user to log in as any user...