CVE-2025-29906 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration d…
High CVSS: 8.6

CVE-2025-29906

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.11.
Vendor
-
Product
-
CWE
CWE-287
Yayın Tarihi
2025-04-29 23:16:04
Güncelleme
2025-05-02 13:53:40
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-287 HIGH 2025

Referanslar

https://github.com/troglobit/finit/commit/6528628b5c771c25ffa0cb1a46c6c89d9d0d69e0 https://github.com/troglobit/finit/security/advisories/GHSA-563g-p98j-mc9q