Critical Exec Privilege Escalation Vulnerability in haveged Affects Multiple Ubuntu Releases
Severity: High (Score: 70.5)
Sources: launchpad.net, Linuxsecurity, Ubuntu
Keywords: ubuntu, haveged, issue, discovered, critical, exec, privilege
Severity indicators: critical, issue, privilege escalation
Summary
A critical security vulnerability has been identified in haveged, a userspace entropy daemon, affecting Ubuntu 26.04 LTS and several earlier releases. The flaw allows local attackers to bypass credential checks on the daemon's control socket, potentially enabling them to execute commands with elevated privileges. The affected releases are Ubuntu 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS. Users are advised to update to the latest package versions to mitigate the risk; the specific fixed package versions are detailed in the advisory. After applying the updates, the haveged service must be restarted for the fix to take effect. The issue is tracked under the Ubuntu Security Notice USN-8358-1. No active exploitation had been reported as of the publication date.

Key Points:
- haveged vulnerability allows local privilege escalation on multiple Ubuntu versions.
- Affected versions include Ubuntu 26.04 LTS and earlier releases.
- Users must update to specific package versions and restart the service to mitigate the risk.
Detailed Analysis
**Impact**

Multiple Ubuntu releases are affected, including Ubuntu 26.04 LTS, 25.10, 24.04 LTS, and 22.04 LTS, along with their derivatives. The vulnerability allows a local attacker to escalate privileges and execute commands as an administrator, potentially compromising system integrity and sensitive data. It affects organizations running these Ubuntu releases across all sectors and geographies where such systems are deployed. No specific data breach or sector targeting information is provided.

**Technical Details**

The vulnerability arises from improper credential checks on haveged's control socket, enabling local privilege escalation. The attack vector requires local access to the affected system. No CVE identifier or malware/tool names are mentioned. In kill-chain terms, exploitation occurs at the privilege escalation stage. No indicators of compromise (IOCs) are provided in the source articles.

**Recommended Response**

Apply the updated haveged and libhavege2 packages for each Ubuntu release immediately:
- Ubuntu 26.04 LTS: 1.9.19-14ubuntu0.1
- Ubuntu 25.10: 1.9.19-12+deb13u1build0.25.10.1
- Ubuntu 24.04 LTS and 22.04 LTS: the respective versions available via Ubuntu Pro

After patching, restart the haveged service to activate the fix. Monitor for unusual local privilege escalation attempts and unauthorized command executions. No additional detection signatures or configurations are specified.
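A defender rolling this out across a fleet wants a reproducible answer to "is the installed haveged at or above the fixed version for this release?" rather than eyeballing version strings. The script below is an added example, not part of the advisory or of the haveged project: it re-implements the dpkg version ordering (epoch, upstream, revision; digit runs compared numerically, `~` sorting before everything) in pure Python so it runs where `dpkg --compare-versions` is unavailable, and compares the installed version against the fixed versions the advisory lists. That the re-implementation matches dpkg for the strings involved is an assumption; the fixed versions for 24.04 LTS and 22.04 LTS are not given on this page (Ubuntu Pro only), so they are recorded as unknown rather than guessed. The `installed_version` helper and its `dpkg-query` call are the example's own addition.

```python
# Added example: check an installed haveged version against the fixed versions
# listed for USN-8358-1. Not advisory or project code.
import subprocess
import sys

# Fixed versions as listed in the advisory summary; None = not stated on the page.
FIXED_VERSIONS = {
    "26.04": "1.9.19-14ubuntu0.1",
    "25.10": "1.9.19-12+deb13u1build0.25.10.1",
    "24.04": None,  # available via Ubuntu Pro; version not given on the page
    "22.04": None,  # available via Ubuntu Pro; version not given on the page
}


def _char_order(c):
    """dpkg ordering for characters in non-digit runs: '~' < end-of-run < letters < others."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_nondigit(a, b):
    """Compare two non-digit runs; an exhausted run counts as 0 (after '~', before letters)."""
    for i in range(max(len(a), len(b))):
        oa = _char_order(a[i]) if i < len(a) else 0
        ob = _char_order(b[i]) if i < len(b) else 0
        if oa != ob:
            return -1 if oa < ob else 1
    return 0


def _cmp_fragment(a, b):
    """Compare an upstream or revision string as alternating non-digit (lexical,
    dpkg order) and digit (numeric) runs. Assumed re-implementation of dpkg's rule."""
    i = j = 0
    while i < len(a) or j < len(b):
        sa, sb = i, j
        while i < len(a) and not a[i].isdigit():
            i += 1
        while j < len(b) and not b[j].isdigit():
            j += 1
        c = _cmp_nondigit(a[sa:i], b[sb:j])
        if c:
            return c
        sa, sb = i, j
        while i < len(a) and a[i].isdigit():
            i += 1
        while j < len(b) and b[j].isdigit():
            j += 1
        na, nb = int(a[sa:i] or "0"), int(b[sb:j] or "0")
        if na != nb:
            return -1 if na < nb else 1
    return 0


def _split_version(v):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 ordering a against b the way dpkg does."""
    ea, ua, ra = _split_version(a)
    eb, ub, rb = _split_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)


def is_patched(release, installed):
    """True/False when the advisory lists a fixed version for `release`, else None."""
    fixed = FIXED_VERSIONS.get(release)
    if fixed is None:
        return None
    return compare_versions(installed, fixed) >= 0


def installed_version(package="haveged"):
    """Ask dpkg for the installed version; None if dpkg-query is absent or the package is not installed."""
    try:
        out = subprocess.run(["dpkg-query", "-W", "--showformat=${Version}", package],
                             capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.stdout.strip() or None


if __name__ == "__main__":
    # Usage: python3 check_haveged.py 26.04
    release = sys.argv[1] if len(sys.argv) > 1 else "26.04"
    ver = installed_version()
    if ver is None:
        print("haveged is not installed or dpkg-query is unavailable")
    else:
        verdict = {True: "fixed version present; make sure haveged was restarted",
                   False: "NOT patched; upgrade haveged and libhavege2, then restart haveged",
                   None: "fixed version not listed on this page; check Ubuntu Pro"}
        print(f"haveged {ver} on Ubuntu {release}: {verdict[is_patched(release, ver)]}")
```

Run it on each host after `apt upgrade`; a `True` result only confirms the package version, so pair it with a check that the haveged service was actually restarted, since the advisory notes the fix is not active until then.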
Source articles (3)
- USN-8358-1: haveged vulnerability — Ubuntu · 2026-06-01
  It was discovered that haveged incorrectly handled credential checks on its control socket. A local attacker could possibly use this issue to execute privileged commands. It was discovered that havege…
- Ubuntu 26.04 LTS haveged Critical Exec Privilege Escalation USN-8358 — Linuxsecurity · 2026-06-01
  A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: haveged could be made to run programs as an admi…
- Haveged — launchpad.net · 2026-06-01
  haveged: entropy source using the HAVEGE algorithm haveged-dbgsym: debug symbols for haveged libhavege-dev: entropy source using the HAVEGE algorithm (development files) libhavege2: entropy source usi…
Timeline
- 2026-06-01 — USN-8358-1 published: Ubuntu issued a security notice detailing a critical vulnerability in haveged affecting multiple versions.
- 2026-06-01 — Vulnerability discovered: The flaw in haveged was found to incorrectly handle credential checks, allowing privilege escalation.
- Recent — Users advised to update: Users are urged to update to the latest package versions to address the critical vulnerability.
Related entities
- Privilege Escalation (Attack Type)
- CWE-287 - Improper Authentication (CWE)
- T1068 - Exploitation for Privilege Escalation (MITRE ATT&CK)
- Ubuntu (Company)
- Haveged Vulnerability (Vulnerability)