Local Privilege Escalation via haveged UNIX Socket on SUSE
CVE-2026-41054 Published on May 20, 2026

Missing exit out of permission check in haveged could lead to root exploit
In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.
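The control-flow flaw described above, reduced to a self-contained C model. This is an added example, not haveged's source: the `peer_cred` and `outcome` structs, the `dispatch` helper and the byte value given to `MAGIC_CHROOT` are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>

/* Constructed for this sketch: the command byte and both structs are
 * placeholders, not copied from haveged. ACK/NAK are the ASCII codes. */
#define ASCII_ACK    0x06
#define ASCII_NAK    0x15
#define MAGIC_CHROOT 'R'

struct peer_cred { uid_t uid; };        /* stands in for SO_PEERCRED data */
struct outcome   { int reply; int privileged_ran; };

/* Shared dispatch: records whether the privileged branch was reached. */
static void dispatch(int cmd, struct outcome *o)
{
    switch (cmd) {
    case MAGIC_CHROOT: o->privileged_ran = 1; break;  /* root-only action */
    default:           o->reply = ASCII_NAK;  break;  /* unknown command */
    }
}

/* Flawed shape: the NAK is prepared, but control still reaches the switch. */
struct outcome handle_flawed(struct peer_cred cred, int cmd)
{
    struct outcome o = { ASCII_ACK, 0 };
    if (cred.uid != 0)
        o.reply = ASCII_NAK;            /* no return: the check only sets a flag */
    dispatch(cmd, &o);
    return o;
}

/* Hardened shape: reject and leave before any command is interpreted. */
struct outcome handle_fixed(struct peer_cred cred, int cmd)
{
    struct outcome o = { ASCII_ACK, 0 };
    if (cred.uid != 0) {
        o.reply = ASCII_NAK;
        return o;
    }
    dispatch(cmd, &o);
    return o;
}

int main(void)
{
    struct peer_cred user = { 1000 };   /* constructed unprivileged uid */
    struct outcome a = handle_flawed(user, MAGIC_CHROOT);
    struct outcome b = handle_fixed(user, MAGIC_CHROOT);
    printf("flawed ran=%d, fixed ran=%d\n", a.privileged_ran, b.privileged_ran);
    return 0;
}
```

In this model the flawed handler still returns `ASCII_NAK` to the caller even though the privileged branch ran, so a rejection reply alone does not show that the command was blocked.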

NVD

Vulnerability Analysis

CVE-2026-41054 is exploitable with local system access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

Weakness Type

Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.


Products Associated with CVE-2026-41054


Affected Versions

- Container suse/sle-micro-rancher/5.3:latest
- Container suse/sle-micro-rancher/5.4:latest
- Container suse/sle-micro/5.5:latest
- SUSE Image SLES15-SP4-SAP-BYOS
- SUSE Image SLES15-SP4-SAP-BYOS-Azure
- SUSE Image SLES15-SP4-SAP-BYOS-EC2
- SUSE Image SLES15-SP4-SAP-BYOS-GCE
- SUSE Image SLES15-SP4-SAP-Hardened
- SUSE Image SLES15-SP4-SAP-Hardened-BYOS
- SUSE Image SLES15-SP4-SAP-Hardened-BYOS-Azure
- SUSE Image SLES15-SP4-SAP-Hardened-BYOS-EC2
- SUSE Image SLES15-SP4-SAP-Hardened-BYOS-GCE
- SUSE Image SLES15-SP4-SAP-Hardened-GCE
- SUSE Linux Enterprise Desktop 15 SP7
- SUSE Linux Enterprise High Performance Computing 15 SP7
- SUSE Linux Enterprise Module for Basesystem 15 SP7
- SUSE Linux Enterprise Server 15 SP7
- SUSE Linux Enterprise Server for SAP Applications 15 SP7
- SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
- SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
- SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
- SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
- SUSE Linux Enterprise Micro 5.3
- SUSE Linux Enterprise Micro 5.4
- SUSE Linux Enterprise Micro 5.5
- SUSE Linux Enterprise Server 15 SP4-LTSS
- SUSE Linux Enterprise Server 15 SP5-LTSS
- SUSE Linux Enterprise Server 15 SP6-LTSS
- SUSE Linux Enterprise Server for SAP Applications 15 SP4
- SUSE Linux Enterprise Server for SAP Applications 15 SP5
- SUSE Linux Enterprise Server for SAP Applications 15 SP6
- SUSE Manager Proxy LTS 4.3
- SUSE Manager Retail Branch Server LTS 4.3
- SUSE Manager Server LTS 4.3