Описание
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 2:2.6-15ubuntu2.5 |
| devel | not-affected | 2:2.9-1ubuntu2 |
| eoan | not-affected | 2:2.9-1ubuntu2 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | not-affected | 2:2.6-15ubuntu2.5 |
| esm-infra/focal | not-affected | 2:2.9-1ubuntu2 |
| esm-infra/xenial | needed | |
| focal | not-affected | 2:2.9-1ubuntu2 |
| groovy | not-affected | 2:2.9-1ubuntu2 |
| hirsute | not-affected | 2:2.9-1ubuntu2 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
hostapd before 2.6, in EAP mode, makes calls to the rand() and random( ...
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Уязвимость функции rand() and random() программной сертификации устройств беспроводной сети WPA, связанная с недостатком в энтропии в выборе PIN, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3