Missing exit out of permission check in haveged could lead...

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.

Basic Information

ID CVE-2026-41054

Source suse

Published May 20, 2026 at 08:56

Modified May 20, 2026 at 09:09

Affected Product

Vendor SUSE

Product Container suse/sle-micro-rancher/5.3:latest

Version ?

Affected Versions SUSE Container suse/sle-micro-rancher/5.3:latest ?
SUSE Container suse/sle-micro-rancher/5.3:latest ?
SUSE Container suse/sle-micro-rancher/5.4:latest ?
SUSE Container suse/sle-micro-rancher/5.4:latest ?
SUSE Container suse/sle-micro/5.5:latest ?
SUSE Container suse/sle-micro/5.5:latest ?
SUSE Image SLES15-SP4-SAP-BYOS ?
SUSE Image SLES15-SP4-SAP-BYOS ?
SUSE Image SLES15-SP4-SAP-BYOS-Azure ?
SUSE Image SLES15-SP4-SAP-BYOS-Azure ?
SUSE Image SLES15-SP4-SAP-BYOS-EC2 ?
SUSE Image SLES15-SP4-SAP-BYOS-EC2 ?
SUSE Image SLES15-SP4-SAP-BYOS-GCE ?
SUSE Image SLES15-SP4-SAP-BYOS-GCE ?
SUSE Image SLES15-SP4-SAP-Hardened ?
SUSE Image SLES15-SP4-SAP-Hardened ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?
SUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?
SUSE Image SLES15-SP4-SAP-Hardened-GCE ?
SUSE Image SLES15-SP4-SAP-Hardened-GCE ?
SUSE SUSE Linux Enterprise Desktop 15 SP7 ?
SUSE SUSE Linux Enterprise Desktop 15 SP7 ?
SUSE SUSE Linux Enterprise Desktop 15 SP7 ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?
SUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?
SUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?
SUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?
SUSE SUSE Linux Enterprise Server 15 SP7 ?
SUSE SUSE Linux Enterprise Server 15 SP7 ?
SUSE SUSE Linux Enterprise Server 15 SP7 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise Micro 5.3 ?
SUSE SUSE Linux Enterprise Micro 5.3 ?
SUSE SUSE Linux Enterprise Micro 5.4 ?
SUSE SUSE Linux Enterprise Micro 5.4 ?
SUSE SUSE Linux Enterprise Micro 5.5 ?
SUSE SUSE Linux Enterprise Micro 5.5 ?
SUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?
SUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?
SUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?
SUSE SUSE Manager Proxy LTS 4.3 ?
SUSE SUSE Manager Proxy LTS 4.3 ?
SUSE SUSE Manager Proxy LTS 4.3 ?
SUSE SUSE Manager Retail Branch Server LTS 4.3 ?
SUSE SUSE Manager Retail Branch Server LTS 4.3 ?
SUSE SUSE Manager Retail Branch Server LTS 4.3 ?
SUSE SUSE Manager Server LTS 4.3 ?
SUSE SUSE Manager Server LTS 4.3 ?
SUSE SUSE Manager Server LTS 4.3 ?

CWE Classification

CWE-305

References

bugzilla.suse.com /show_bug.cgi

{
    "lastseen": "",
    "description": "In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.",
    "published": "2026-05-20T08:56:14.466Z",
    "modified": "2026-05-20T09:09:33.506Z",
    "type": "cve",
    "title": "Missing exit out of permission check in haveged could lead to root exploit",
    "source": "suse",
    "references": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-41054",
    "id": "CVE-2026-41054",
    "bulletinFamily": "",
    "cwe": [
        "CWE-305"
    ],
    "cvelist": null,
    "sourceData": "SUSE Container suse/sle-micro-rancher/5.3:latest ?\nSUSE Container suse/sle-micro-rancher/5.3:latest ?\nSUSE Container suse/sle-micro-rancher/5.4:latest ?\nSUSE Container suse/sle-micro-rancher/5.4:latest ?\nSUSE Container suse/sle-micro/5.5:latest ?\nSUSE Container suse/sle-micro/5.5:latest ?\nSUSE Image SLES15-SP4-SAP-BYOS ?\nSUSE Image SLES15-SP4-SAP-BYOS ?\nSUSE Image SLES15-SP4-SAP-BYOS-Azure ?\nSUSE Image SLES15-SP4-SAP-BYOS-Azure ?\nSUSE Image SLES15-SP4-SAP-BYOS-EC2 ?\nSUSE Image SLES15-SP4-SAP-BYOS-EC2 ?\nSUSE Image SLES15-SP4-SAP-BYOS-GCE ?\nSUSE Image SLES15-SP4-SAP-BYOS-GCE ?\nSUSE Image SLES15-SP4-SAP-Hardened ?\nSUSE Image SLES15-SP4-SAP-Hardened ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?\nSUSE Image SLES15-SP4-SAP-Hardened-GCE ?\nSUSE Image SLES15-SP4-SAP-Hardened-GCE ?\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise Micro 5.3 ?\nSUSE SUSE Linux Enterprise Micro 5.3 ?\nSUSE SUSE Linux Enterprise Micro 5.4 ?\nSUSE SUSE Linux Enterprise Micro 5.4 ?\nSUSE SUSE Linux Enterprise Micro 5.5 ?\nSUSE SUSE Linux Enterprise Micro 5.5 ?\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\nSUSE SUSE Manager Proxy LTS 4.3 ?\nSUSE SUSE Manager Proxy LTS 4.3 ?\nSUSE SUSE Manager Proxy LTS 4.3 ?\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\nSUSE SUSE Manager Server LTS 4.3 ?\nSUSE SUSE Manager Server LTS 4.3 ?\nSUSE SUSE Manager Server LTS 4.3 ?",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Container suse/sle-micro-rancher/5.3:latest",
    "version": "?",
    "vendor": "SUSE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Missing exit out of permission check in haveged could lead to root exploit_CVE-2026-41054