Approved changes feed: RSS · Atom
cpe:2.3:a:troglobit:finit:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Troglobit (87c709cf-cdc0-50a4-9b87-4ed9dd4c0b07) |
|---|---|
| Product | Finit (424bf9d8-3e1c-5b82-846e-67b01ab688db) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-32022 |
vulnerable | 2026-06-08 07:18:58.964769 |
Finit has heap based buffer overwrite in urandom.so plugin
MEDIUM (4.6)
Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects everyone using Finit 4.2 or later that do not explicitly disable the plugin at build time. This bug is fixed in Finit 4.12. Those who cannot upgrade or backport the fix to urandom.c are strongly recommended to disable the plugin in the call to the `configure` script.
Published: 2025-05-06T16:57:30.855Z
Updated: 2025-05-06T17:22:16.925Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-29906 |
vulnerable | 2026-06-08 07:14:56.936673 |
Finit bundled getty can bypass /bin/login
HIGH (8.6)
Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.11.
Published: 2025-04-29T22:17:47.228Z
Updated: 2025-04-30T17:33:20.258Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.