CVE-2024-25389

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 27/03/2024 Updated: 01/05/2024

RT-Thread up to and including 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" in calc_random in drivers/misc/rt_random.c.

Hi, Please find attached a security advisory that describes multiple vulnerabilities we discovered in RT-Thread RTOS * Title: Multiple vulnerabilities in RT-Thread RTOS * OS: RT-Thread <= 502 * Author: Marco Ivaldi <marcoivaldi () hnsecurity it> * Date: 2024-03-05 * CVE IDs and advisory URLs: * CVE-2024-24334 - githubcom/R ...

https://github.com/RT-Thread/rt-thread/issues/8283 https://github.com/hnsecurity/vulns/blob/main/HNS-2024-05-rt-thread.txt https://security.humanativaspa.it/multiple-vulnerabilities-in-rt-thread-rtos/https://seclists.org/fulldisclosure/2024/Mar/28 http://www.openwall.com/lists/oss-security/2024/03/05/1 https://nvd.nist.gov https://seclists.org/fulldisclosure/2024/Mar/28

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-25389

Vulnerability Summary

Mailing Lists

References

Vulmon Search

About

Products

Connect