The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 prior to 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for malicious users to predict the output of the random number generator, related to incorrect use of the sizeof operator.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |