Back to search
CVE-2008-5162
Published: Nov 26, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32871
third-party-advisory
x_refsource_SECUNIA
FreeBSD-SA-08:11
vendor-advisory
x_refsource_FREEBSD
1021276
vdb-entry
x_refsource_SECTRACK
50137
vdb-entry
x_refsource_OSVDB
32447
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now