On Tue, 19 May 2026 12:27:03 +0000 Marcus Meissner <[email protected]> wrote:
> If you are using haveged, todays release fixes a local root exploit. You can also fix this by uninstalling it. There's no need to have an "entropy daemon"... It adds needless complexity and, as this issue shows, attack surface. There have been many improvements in the Linux kernel's RNG (Jason Donenfeld, also known as the Wireguard developer, did a lot of work on that) and I am quite confident that there are no problems with the RNG on any reasonably recent Linux kernel that an "entropy daemon" would help with. -- Hanno Böck - Independent security researcher https://itsec.hboeck.de/ https://badkeys.info/
