CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

CVE-2025-29906

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

CVE-2025-29906

CVE-2025-29906 affects Finit, a fast init for Linux. Versions 3.0-rc1 up to and including 4.10 bundle a getty implementation for the tty directive that can bypass /bin/login, allowing login without authentication. The issue is fixed in version 4.11. Affected users should upgrade to 4.11 or later;...

CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

finit 授权问题漏洞

finit is a quick initialization tool for Linux by Joachim Wiberg, a personal developer. An authorization issue vulnerability exists in finit versions prior to 4.11, which stems from a tty configuration directive that bypasses /bin/login and could result in an unauthenticated user logging in...

PT-2025-18214 · Finit +1 · Finit +1

Name of the Vulnerable Software and Affected Versions: Finit versions 3.0-rc1 through 4.11 Description: Finit is a fast init for Linux systems. The issue concerns the implementation of getty for the tty configuration directive, which can bypass /bin/login, allowing a user to log in as any user...

AZL-67605 CVE-2024-53219 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...

PT-2024-35666

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0-rc5+ Description A vulnerability in the Linux kernel has been resolved, related to the virtiofs module. When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, a warning is...

PT-2024-40890 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state includes functions such as ireclaim, interp reclaim, and gs main finit. No...

OSV-2021-1754 UNKNOWN READ in insert_free_size

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42917 Crash type: UNKNOWN READ Crash state: insertfreesize chunkfreeobject pdfipscriptstackfinit...