Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-3238

Опубликовано: 18 сент. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.8
CVSS3: 5.5

Описание

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

РелизСтатусПримечание
dapper

DNE

devel

not-affected

2.6.31.10.21
hardy

released

2.6.24-25.63
intrepid

released

2.6.27-15.43
jaunty

released

2.6.28-16.55
upstream

released

2.6.30~rc5

Показывать по

РелизСтатусПримечание
dapper

released

2.6.15-55.80
devel

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

upstream

released

2.6.30~rc5

Показывать по

Ссылки на источники

EPSS

Процентиль: 47%
0.00241
Низкий

7.8 High

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2009-3238

redhat
больше 16 лет назад

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

nvd логотип

CVE-2009-3238

CVSS3: 5.5
nvd
почти 16 лет назад

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

debian логотип

CVE-2009-3238

CVSS3: 5.5
debian
почти 16 лет назад

The get_random_int function in drivers/char/random.c in the Linux kern ...

github логотип

GHSA-gq5x-hvxj-cp4r

CVSS3: 5.5
github
больше 3 лет назад

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

oracle-oval логотип

ELSA-2009-1106

oracle-oval
около 16 лет назад

ELSA-2009-1106: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 47%
0.00241
Низкий

7.8 High

CVSS2

5.5 Medium

CVSS3