Description
The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DSA |
DSA-1503-1 | New Linux kernel 2.4.27 packages fix several issues |
| Debian DSA |
DSA-1503-2 | New Linux kernel 2.4.27 packages fix several issues |
 EUVD |
EUVD-2007-4294 | The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T14:53:55.250Z
Reserved: 2007-08-13T00:00:00.000Z
Link: CVE-2007-4311
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2007-08-13T21:17:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2007-4311
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses