CVE-2026-41054

Summary

In src/havegecmd.c, the socket_handler function performs a credential check on the abstract UNIX socket (\0/sys/entropy/haveged). However, while it detects if the connecting user is not root (cred.uid != 0) and prepares a negative acknowledgement (ASCII_NAK), it fails to stop execution. The code proceeds to the switch statement, allowing any local unprivileged user to execute privileged commands such as MAGIC_CHROOT.

Affected Software

VendorProductVersion RangeStatus
SUSEContainer suse/sle-micro-rancher/5.3:latest? < 1.9.14-150400.3.11.1affected
SUSEContainer suse/sle-micro-rancher/5.3:latest? < 1.9.14-150400.3.11.1affected
SUSEContainer suse/sle-micro-rancher/5.4:latest? < 1.9.14-150400.3.11.1affected
SUSEContainer suse/sle-micro-rancher/5.4:latest? < 1.9.14-150400.3.11.1affected
SUSEContainer suse/sle-micro/5.5:latest? < 1.9.14-150400.3.11.1affected
SUSEContainer suse/sle-micro/5.5:latest? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-Azure? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-Azure? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-EC2? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-EC2? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-GCE? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-BYOS-GCE? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-Azure? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-Azure? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-EC2? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-EC2? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-GCE? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-BYOS-GCE? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-GCE? < 1.9.14-150400.3.11.1affected
SUSEImage SLES15-SP4-SAP-Hardened-GCE? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Desktop 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Desktop 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Desktop 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Module for Basesystem 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Module for Basesystem 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Module for Basesystem 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP7? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.4? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.4? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.5? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Micro 5.5? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP4-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP5-LTSS? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server 15 SP6-LTSS? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server 15 SP6-LTSS? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server 15 SP6-LTSS? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP4? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP4? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP4? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP5? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP5? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP5? < 1.9.14-150400.3.11.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP6? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP6? < 1.9.14-150600.11.6.1affected
SUSESUSE Linux Enterprise Server for SAP Applications 15 SP6? < 1.9.14-150600.11.6.1affected
SUSESUSE Manager Proxy LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Proxy LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Proxy LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Retail Branch Server LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Retail Branch Server LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Retail Branch Server LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Server LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Server LTS 4.3? < 1.9.14-150400.3.11.1affected
SUSESUSE Manager Server LTS 4.3? < 1.9.14-150400.3.11.1affected

Weaknesses

  • CWE-305: CWE-305: Authentication Bypass by Primary Weakness

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References