QwikSec

Security Database

CVE

CWE

Training

CVE-2007-2453

Published: Jun 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2007:051

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_VUPEN

SUSE-SA:2007:043

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_MANDRIVA

kernel-randomnumber-weak-security(34781)

vdb-entry

x_refsource_XF

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_MANDRIVA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_MANDRIVA

[linux-kernel] 20070608 Linux 2.6.21.4

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

[linux-kernel] 20070608 Linux 2.6.20.13

mailing-list

x_refsource_MLIST

oval:org.mitre.oval:def:9960

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.