A weakness was found in the kernels implementation of random seed generation. The random number seeding policy had three states.
0: The CRNG is not initialized at all
1: The CRNG has a small amount of entropy, hopefully good enough for
early-boot, non-cryptographical use cases
2: The CRNG is fully initialized and we are sure it is safe for
cryptographic use cases.
The crng_ready() function should only return true once we are in the
last state. Some users of the CRNG would access the random seed data before it was seeded to an acceptable value. Knowing this value would weaken cryptographic methods if the seed was able to be determined.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1572074]