Note:
This project will be discontinued after December 13, 2021. [more]
2018-05-21
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
| Products | Ubuntu_linux, Debian_linux, Linux_kernel |
| Type | Use of Insufficiently Random Values (CWE-330) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://usn.ubuntu.com/3752-1/
• https://usn.ubuntu.com/3752-2/ • https://usn.ubuntu.com/3718-2/ • https://www.debian.org/security/2018/dsa-4188 • http://www.securityfocus.com/bid/104055 |