CVE-2009-3238

Priority
Medium
Description
The get_random_int function in drivers/char/random.c in the Linux kernel
before 2.6.30 produces insufficiently random numbers, which allows
attackers to predict the return value, and possibly defeat protection
mechanisms based on randomization, via vectors that leverage the function's
tendency to "return the same value over and over again for long stretches
of time."
References
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-25.63)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8a0a9bd4db63bc45e3017bedeafbd88d0eb84d02
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:10 UTC (commit 5347)