7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.7%
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functionβs tendency to βreturn the same value over and over again for long stretches of time.β
CPE | Name | Operator | Version |
---|---|---|---|
linux:linux_kernel | linux linux kernel | lt | 2.6.30 |
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8a0a9bd4db63bc45e3017bedeafbd88d0eb84d02
lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
patchwork.kernel.org/patch/21766/
secunia.com/advisories/37105
secunia.com/advisories/37351
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30
www.redhat.com/support/errata/RHSA-2009-1438.html
www.ubuntu.com/usn/USN-852-1
bugzilla.redhat.com/show_bug.cgi?id=499785
bugzilla.redhat.com/show_bug.cgi?id=519692
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11168
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03836en_us
More
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.7%