Bug 2480051 (CVE-2026-41054) - CVE-2026-41054 haveged: privilege escalation via command socket
Summary: CVE-2026-41054 haveged: privilege escalation via command socket
Keywords:
Status: ON_QA
Alias: CVE-2026-41054
Product: Fedora
Classification: Fedora
Component: haveged
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jiri Hladky
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-05-20 00:37 UTC by Jiri Hladky
Modified: 2026-05-21 02:34 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Jiri Hladky 2026-05-20 00:37:10 UTC 
A privilege escalation vulnerability was found in haveged.
                                                                                                                                                                                                                                           
The socket_handler() function in src/havegecmd.c checks the connecting
peer's uid via SO_PEERCRED and sends a NAK response to non-root callers.
However, after sending the NAK, execution continued into the command    
switch instead of returning. This allowed unprivileged local users to                                                                                                                                                                    
send commands (MAGIC_CHROOT, MAGIC_CLOSE) to the root-running daemon 
via the abstract UNIX socket.                                                                                                                                                                                                            
                                                                                                                                                          
Affected: all versions with command socket support (1.9.14+)
                                                                                                                                                                                                                             
Upstream fix: https://github.com/jirka-h/haveged/releases/tag/v1.9.21
Fix commit: https://github.com/jirka-h/haveged/commit/3870de0                                                                                                                                                                            
SUSE bug: https://bugzilla.suse.com/show_bug.cgi?id=1264086  
                                                                                                                                                                                                                                   
Fixed in: haveged-1.9.21-1 (rawhide, f44, f43, f42, epel9, epel10)
Fixed in: haveged-1.9.14-2 (epel8, backported patch)
Comment 1 Fedora Update System 2026-05-20 00:58:45 UTC 
FEDORA-EPEL-2026-56fb074420 (haveged-1.9.14-2.el8) has been submitted as an update to Fedora EPEL 8.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-56fb074420
Comment 2 Fedora Update System 2026-05-20 00:59:51 UTC 
FEDORA-EPEL-2026-efe6be3dfa (haveged-1.9.21-1.el9) has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-efe6be3dfa
Comment 3 Fedora Update System 2026-05-20 01:00:40 UTC 
FEDORA-EPEL-2026-b3a94630f0 (haveged-1.9.21-1.el10_3) has been submitted as an update to Fedora EPEL 10.3.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-b3a94630f0
Comment 4 Fedora Update System 2026-05-20 01:02:19 UTC 
FEDORA-EPEL-2026-ca77194ac0 (haveged-1.9.21-1.el10_2) has been submitted as an update to Fedora EPEL 10.2.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-ca77194ac0
Comment 5 Fedora Update System 2026-05-20 01:03:08 UTC 
FEDORA-2026-7fcffd5c31 (haveged-1.9.21-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-7fcffd5c31
Comment 6 Fedora Update System 2026-05-20 01:03:52 UTC 
FEDORA-2026-12643837bd (haveged-1.9.21-1.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-12643837bd
Comment 7 Fedora Update System 2026-05-20 01:06:13 UTC 
FEDORA-2026-43e2722e8f (haveged-1.9.21-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-43e2722e8f
Comment 8 Fedora Update System 2026-05-21 01:31:36 UTC 
FEDORA-EPEL-2026-56fb074420 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-56fb074420

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 9 Fedora Update System 2026-05-21 01:34:40 UTC 
FEDORA-EPEL-2026-efe6be3dfa has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-efe6be3dfa

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 10 Fedora Update System 2026-05-21 01:37:48 UTC 
FEDORA-EPEL-2026-b3a94630f0 has been pushed to the Fedora EPEL 10.3 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-b3a94630f0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 11 Fedora Update System 2026-05-21 01:40:45 UTC 
FEDORA-EPEL-2026-ca77194ac0 has been pushed to the Fedora EPEL 10.2 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-ca77194ac0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 12 Fedora Update System 2026-05-21 01:57:22 UTC 
FEDORA-2026-43e2722e8f has been pushed to the Fedora 43 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-43e2722e8f`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-43e2722e8f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 13 Fedora Update System 2026-05-21 02:20:11 UTC 
FEDORA-2026-7fcffd5c31 has been pushed to the Fedora 42 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-7fcffd5c31`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-7fcffd5c31

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 14 Fedora Update System 2026-05-21 02:34:02 UTC 
FEDORA-2026-12643837bd has been pushed to the Fedora 44 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-12643837bd`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-12643837bd

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Note You need to log in before you can comment on or make changes to this bug.