Security Advisory

CVE-2025-29906

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-29 22:17:47

Last updated 2025-04-30 17:33:20

Assigner GitHub_M

State PUBLISHED

Description

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the `tty` configuration directive that can bypass `/bin/login`, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.11.

← Browse all CVEs View on cve.org ↗