CVE-2026-41054: Missing exit out of permission check in haveged could lead to root exploit

Q: What is the severity of CVE-2026-41054?

CVE-2026-41054 has a high severity rating of 7.8.

Q: What is the main issue with CVE-2026-41054?

CVE-2026-41054 involves a missing exit out of a permission check in haveged, which could potentially lead to a root exploit.

Q: How do I fix CVE-2026-41054?

To fix CVE-2026-41054, update to the latest version of haveged that includes the necessary patches.

Q: What systems are affected by CVE-2026-41054?

CVE-2026-41054 affects systems running the haveged software.

Q: Can CVE-2026-41054 be exploited remotely?

Yes, CVE-2026-41054 can potentially be exploited remotely due to the permission check vulnerability in an abstract UNIX socket.

Published May 19, 2026

Updated

In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.

Affected Software

2 affected componentsFixes available

haveged haveged<1.9.21

Microsoft azl3 haveged 1.9.17-1

Patch available

Event History

May 20, 2026

CVE Published

via MITRE·08:56 AM

Data Sourced

via MITRE·08:56 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·10:16 AM

DescriptionSeverityWeakness

May 23, 2026

Data Sourced

via Microsoft·08:02 AM

DescriptionSeverityWeaknessAffected Software

Updated

via Microsoft·08:02 AM

DescriptionSeverity

Frequently Asked Questions

What is the severity of CVE-2026-41054?

CVE-2026-41054 has a high severity rating of 7.8.

What is the main issue with CVE-2026-41054?

CVE-2026-41054 involves a missing exit out of a permission check in haveged, which could potentially lead to a root exploit.

How do I fix CVE-2026-41054?

To fix CVE-2026-41054, update to the latest version of haveged that includes the necessary patches.

What systems are affected by CVE-2026-41054?

CVE-2026-41054 affects systems running the haveged software.

Can CVE-2026-41054 be exploited remotely?

Yes, CVE-2026-41054 can potentially be exploited remotely due to the permission check vulnerability in an abstract UNIX socket.

CVSS Score

7.8High

High Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Security Metrics

Risk Score75

Severityhigh(7.8)

CWE

305

Timeline

PublishedMay 19, 2026

Updated

References

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2026-41054: Missing exit out of permission check in haveged could lead to root exploit

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-41054?

What is the main issue with CVE-2026-41054?

How do I fix CVE-2026-41054?

What systems are affected by CVE-2026-41054?

Can CVE-2026-41054 be exploited remotely?

Company

Resources

Contact