Published: 13/08/2007 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 prior to 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for malicious users to predict the output of the random number generator, related to incorrect use of the sizeof operator.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-2731 infamous41md reported multiple integer overflows in the Sbus PROM driver that would allo ...

CWE-310 http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35 http://www.debian.org/security/2008/dsa-1503 http://secunia.com/advisories/29058 http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34.6 http://www.securityfocus.com/bid/25029 http://www.vupen.com/english/advisories/2007/2690 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.34.y.git%3Ba=commit%3Bh=faa3369ac2ea7feb0dd266b6a5e8d6ab153cf925 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.34.y.git%3Ba=commit%3Bh=bd67d4c7b11cc33ebdc346bc8926d255b354cd64 https://nvd.nist.gov https://www.debian.org/security/./dsa-1503

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4311

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect