Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
13 Feb 2023, 00:28
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data. |
02 Feb 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:enterprise_mrg:2.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_mrg:2.1:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_mrg:2.4:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.1:*:*:*:*:*:*:* |
References |
|
|
Summary | CVE-2013-4345 kernel: ansi_cprng: off by one error in non-block size request |
Information
Published : 2013-10-10 10:55
Updated : 2023-12-10 11:16
NVD link : CVE-2013-4345
Mitre link : CVE-2013-4345
CVE.ORG link : CVE-2013-4345
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux
- enterprise_mrg
fedoraproject
- fedora
CWE
CWE-189
Numeric Errors