The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Linux |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DSA |
DSA-1503-1 | New Linux kernel 2.4.27 packages fix several issues |
| Debian DSA |
DSA-1503-2 | New Linux kernel 2.4.27 packages fix several issues |
 EUVD |
EUVD-2007-4294 | The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T14:53:55.250Z
Reserved: 2007-08-13T00:00:00
Link: CVE-2007-4311
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2007-08-13T21:17:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2007-4311
Redhat
No data.
OpenCVE Enrichment
No data.