Vulnerabilities

CVE-2013-4345

by Fred · 10/10/2013

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.

Date published : 2013-10-10

http://www.securityfocus.com/bid/62740

https://bugzilla.redhat.com/show_bug.cgi?id=1007690

Similar

Tags: Cybersecurity Alert