CVE-2026-41054
Missing exit out of permission check in haveged could lead to root exploit
| CVSS Score | 7.8 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.
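The control-flow flaw described above, reduced to a minimal model beside a fail-closed form. This is an added example, not haveged's source code and not the vendor's patch: `handle_flawed`, `handle_fixed`, `dispatch`, `struct outcome` and the `CMD_CHROOT` value are hypothetical stand-ins, and the peer UID is passed in as a parameter instead of being read from the socket.

```c
#include <stdio.h>
#include <sys/types.h>

#define ASCII_ACK 0x06            /* standard ASCII control codes */
#define ASCII_NAK 0x15
#define CMD_CHROOT 1              /* placeholder value standing in for MAGIC_CHROOT */

struct outcome {
    unsigned char reply;          /* byte that would be sent back to the client */
    int privileged_ran;           /* 1 if the privileged branch executed */
};

/* Shared dispatch: models the switch over the received command. */
static void dispatch(int cmd, struct outcome *o) {
    switch (cmd) {
    case CMD_CHROOT:
        o->privileged_ran = 1;    /* stands in for the privileged action */
        break;
    default:
        o->reply = ASCII_NAK;     /* unknown command */
    }
}

/* Flawed shape: the refusal is recorded, but control still reaches dispatch(). */
struct outcome handle_flawed(uid_t peer_uid, int cmd) {
    struct outcome o = { ASCII_ACK, 0 };
    if (peer_uid != 0)
        o.reply = ASCII_NAK;      /* missing early exit */
    dispatch(cmd, &o);
    return o;
}

/* Corrected shape (assumed fix): fail closed before any command is interpreted. */
struct outcome handle_fixed(uid_t peer_uid, int cmd) {
    struct outcome o = { ASCII_NAK, 0 };
    if (peer_uid != 0)
        return o;
    o.reply = ASCII_ACK;
    dispatch(cmd, &o);
    return o;
}

int main(void) {
    struct outcome a = handle_flawed(1000, CMD_CHROOT);  /* constructed non-root UID */
    struct outcome b = handle_fixed(1000, CMD_CHROOT);
    printf("flawed: reply=0x%02x ran=%d\n", a.reply, a.privileged_ran);
    printf("fixed:  reply=0x%02x ran=%d\n", b.reply, b.privileged_ran);
    return 0;
}
```

In the flawed handler the client is told `ASCII_NAK` while the privileged branch has already run, so a refusal in the reply is not evidence that the command was blocked.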
| CWE | CWE-305 |
| Vendor | suse |
| Product | container suse/sle-micro-rancher/5.3:latest |
| Published | May 20, 2026 |
| Last Updated | May 20, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Affected Versions
| SUSE / Container suse/sle-micro-rancher/5.3:latest | ? < 1.9.14-150400.3.11.1 |
| SUSE / Container suse/sle-micro-rancher/5.4:latest | ? < 1.9.14-150400.3.11.1 |
| SUSE / Container suse/sle-micro/5.5:latest | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-BYOS | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-BYOS-Azure | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-BYOS-EC2 | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-BYOS-GCE | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened-BYOS | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened-BYOS-Azure | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened-BYOS-EC2 | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened-BYOS-GCE | ? < 1.9.14-150400.3.11.1 |
| SUSE / Image SLES15-SP4-SAP-Hardened-GCE | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Desktop 15 SP7 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise High Performance Computing 15 SP7 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise Module for Basesystem 15 SP7 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise Server 15 SP7 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Micro 5.3 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Micro 5.4 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Micro 5.5 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Server 15 SP4-LTSS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Server 15 SP5-LTSS | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Server 15 SP6-LTSS | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ? < 1.9.14-150600.11.6.1 |
| SUSE / SUSE Manager Proxy LTS 4.3 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Manager Retail Branch Server LTS 4.3 | ? < 1.9.14-150400.3.11.1 |
| SUSE / SUSE Manager Server LTS 4.3 | ? < 1.9.14-150400.3.11.1 |
References
bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-41054
openwall.com: http://www.openwall.com/lists/oss-security/2026/05/19/3
openwall.com: http://www.openwall.com/lists/oss-security/2026/05/19/4
openwall.com: http://www.openwall.com/lists/oss-security/2026/05/19/5
openwall.com: http://www.openwall.com/lists/oss-security/2026/05/20/1
Credits
Dirk Mueller of SUSE