Bug 499786
Summary: | CVE-2009-3238 kernel: random: make get_random_int() more random [rhel-4.8.z] | |
---|---|---|---
Product: | Red Hat Enterprise Linux 4 | Reporter: | Eugene Teo (Security Response) <eteo>
Component: | kernel | Assignee: | Vitaly Mayatskikh <vmayatsk>
Status: | CLOSED WONTFIX | QA Contact: | Red Hat Kernel QE team <kernel-qe>
Severity: | high | Docs Contact: |
Priority: | high | |
Version: | 4.8 | CC: | dhoward, jlieskov, jskrabal, lwang, security-response-team, vmayatsk
Target Milestone: | rc | Keywords: | ZStream
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | | Doc Type: | Bug Fix
Doc Text: | | Story Points: | ---
Clone Of: | 499776 | Environment: |
Last Closed: | 2009-06-03 13:31:05 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | 499785 | |
Bug Blocks: | | |

Description
Eugene Teo (Security Response)
2009-05-08 06:56:03 UTC
MITRE's CVE-2009-3238 record:
-----------------------------
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

References:
----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3238
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8a0a9bd4db63bc45e3017bedeafbd88d0eb84d02
http://patchwork.kernel.org/patch/21766/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30
https://bugzilla.redhat.com/show_bug.cgi?id=499785
https://bugzilla.redhat.com/show_bug.cgi?id=519692
http://www.redhat.com/support/errata/RHSA-2009-1438.html