{“lastseen”:””,”description”:”In `src\/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\\\\0\/sys\/entropy\/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.”,”published”:”2026-05-20T08:56:14.466Z”,”modified”:”2026-05-20T09:09:33.506Z”,”type”:”cve”,”title”:”Missing exit out of permission check in haveged could lead to root exploit”,”source”:”suse”,”references”:”https:\/\/bugzilla.suse.com\/show_bug.cgi?id=CVE-2026-41054″,”id”:”CVE-2026-41054″,”bulletinFamily”:””,”cwe”:[“CWE-305″],”cvelist”:null,”sourceData”:”SUSE Container suse\/sle-micro-rancher\/5.3:latest ?\\nSUSE Container suse\/sle-micro-rancher\/5.3:latest ?\\nSUSE Container suse\/sle-micro-rancher\/5.4:latest ?\\nSUSE Container suse\/sle-micro-rancher\/5.4:latest ?\\nSUSE Container suse\/sle-micro\/5.5:latest ?\\nSUSE Container suse\/sle-micro\/5.5:latest ?\\nSUSE Image SLES15-SP4-SAP-BYOS ?\\nSUSE Image SLES15-SP4-SAP-BYOS ?\\nSUSE Image SLES15-SP4-SAP-BYOS-Azure ?\\nSUSE Image SLES15-SP4-SAP-BYOS-Azure ?\\nSUSE Image SLES15-SP4-SAP-BYOS-EC2 ?\\nSUSE Image SLES15-SP4-SAP-BYOS-EC2 ?\\nSUSE Image SLES15-SP4-SAP-BYOS-GCE ?\\nSUSE Image SLES15-SP4-SAP-BYOS-GCE ?\\nSUSE Image SLES15-SP4-SAP-Hardened ?\\nSUSE Image SLES15-SP4-SAP-Hardened ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2 ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?\\nSUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE ?\\nSUSE Image SLES15-SP4-SAP-Hardened-GCE ?\\nSUSE Image SLES15-SP4-SAP-Hardened-GCE ?\\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\\nSUSE SUSE Linux Enterprise Desktop 15 SP7 ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP7 ?\\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\\nSUSE SUSE Linux Enterprise Module for Basesystem 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP7 ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise Micro 5.3 ?\\nSUSE SUSE Linux Enterprise Micro 5.3 ?\\nSUSE SUSE Linux Enterprise Micro 5.4 ?\\nSUSE SUSE Linux Enterprise Micro 5.4 ?\\nSUSE SUSE Linux Enterprise Micro 5.5 ?\\nSUSE SUSE Linux Enterprise Micro 5.5 ?\\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP4-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP5-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\\nSUSE SUSE Linux Enterprise Server 15 SP6-LTSS ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP4 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP5 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\\nSUSE SUSE Linux Enterprise Server for SAP Applications 15 SP6 ?\\nSUSE SUSE Manager Proxy LTS 4.3 ?\\nSUSE SUSE Manager Proxy LTS 4.3 ?\\nSUSE SUSE Manager Proxy LTS 4.3 ?\\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\\nSUSE SUSE Manager Retail Branch Server LTS 4.3 ?\\nSUSE SUSE Manager Server LTS 4.3 ?\\nSUSE SUSE Manager Server LTS 4.3 ?\\nSUSE SUSE Manager Server LTS 4.3 ?”,”sourceHref”:””,”cvss”:{“score”:7.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Container suse\/sle-micro-rancher\/5.3:latest”,”version”:”?”,”vendor”:”SUSE”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”In `src\/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\\\\0\/sys\/entropy\/haveged`). However, while it detects if the connecting user is not…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,28,12,15,13,7,11,5],"class_list":["post-55778","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-78","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n