VYPR

Finit

by Troglobit

Source repositories

CVEs (2)

  • CVE-2025-29906HigApr 29, 2025
    risk 0.49cvss 8.6epss 0.00

    Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been…

  • CVE-2025-32022MedMay 6, 2025
    risk 0.23cvss 4.6epss 0.00

    Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so…