The get_random_int function in drivers/char/random.c in the Linux kernel prior to 2.6.30 produces insufficiently random numbers, which allows malicious users to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
opensuse opensuse 11.0 |
||
suse linux enterprise server 10 |
||
suse linux enterprise desktop 10 |