VYPR

rpm package

opensuse/haveged&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/haveged&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2026-41054HigMay 20, 2026
    affected < 1.9.21-1.1fixed 1.9.21-1.1

    In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails