Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Fedora 44 Haveged Important Privilege Escalation Fix 2026-02b08daa05

fedora
Calendar Grey June 8, 2026
Dist Fedora Esm H88
Patch for Fedora 44 addresses important security issue in haveged, mitigating privilege escalation risk and enhancing sandboxing.
Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation Backport fix for CVE-2026-41054: privilege escalation via command socket

Summary

A Linux entropy source using the HAVEGE algorithm

Haveged is a user space entropy daemon which is not dependent upon the

standard mechanisms for harvesting randomness for the system entropy

pool. This is important in systems with high entropy needs or limited

user interaction (e.g. headless servers).

Haveged uses HAVEGE (HArdware Volatile Entropy Gathering and Expansion)

to maintain a 1M pool of random bytes used to fill /dev/random

whenever the supply of random bits in /dev/random falls below the low

water mark of the device. The principle inputs to haveged are the

sizes of the processor instruction and data caches used to setup the

HAVEGE collector. The haveged default is a 4kb data cache and a 16kb

instruction cache. On machines with a cpuid instruction, haveged will

attempt to select appropriate values from internal tables.

Update Information:

Update to 1.9.22 — fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation Backport fix for CVE-2026-41054: privilege escalation via command socket

Topics%20covered

Topics Covered

security advisory fedora privilege escalation important haveged systemd sandboxing

Change Log

* Thu May 21 2026 Jirka Hladky - 1.9.22-1 - Update to 1.9.22 - Fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation

References


[ 1 ] Bug #2480051 - CVE-2026-41054 haveged: privilege escalation via command socket https://bugzilla.redhat.com/show_bug.cgi?id=2480051

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-02b08daa05' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: haveged
Product: Fedora 44
Version: 1.9.22
Release: 1.fc44
URL: https://github.com/jirka-h/haveged
Summary: A Linux entropy source using the HAVEGE algorithm

Topics%20covered

Topics Covered

security advisory fedora privilege escalation important haveged systemd sandboxing

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here