Finit · CVE-2025-32022
**Name of the Vulnerable Software and Affected Versions**
Finit versions 4.2 through 4.11
**Description**
Finit's urandom plugin has a heap buffer overwrite vulnerability at boot, which can lead to random instabilities and undefined behavior. The urandom plugin is enabled by default.
**Recommendations**
For Finit versions 4.2 through 4.11, disable the urandom plugin in the call to the `configure` script as a temporary workaround.
Upgrade to Finit 4.12 to fully resolve the issue.