Candidate: CVE-2007-2453
References:
 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7f397dcdb78d699a20d96bfcfb595a2411a5bbd2
 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=602b6aeefe8932dd8bb15014e8fe6bb25d736361
 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Description:
 The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
Ubuntu-Description:
 The random number generator was hashing a subset of the available entropy, leading to slightly less random numbers. Additionally, systems without an entropy source would be seeded with the same inputs at boot time, leading to a repeatable series of random numbers.
Notes:
 dannf> started a thread on vendor-sec about a fix for 2.4 (2008.02.06)
Bugs:
upstream: released (2.6.21.4)
linux-2.6: released (2.6.21-5)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/random-fix-seeding-with-zero-entropy.patch, bugfix/random-fix-error-in-entropy-extraction.patch]
2.6.8-sarge-security: N/A "2.6.8 uses HASH_TRANSFORM, so I think it's N/A"
2.4.27-sarge-security: N/A "Matt Mackall says these don't affect 2.4 (though 2.4 has a number of other issues)"
2.6.15-dapper-security: released (2.6.15-28.57)
2.6.17-edgy-security: released (2.6.17.1-11.39)
2.6.20-feisty-security: released (2.6.20-16.29)
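The "incorrect cast" in item (2) of the description is a pointer-arithmetic slip: the pool is an array of 32-bit words, the extraction loop steps through it with a word index, and the address handed to the SHA block transform was written with the cast applied before the index was added, so the index counted bytes instead of words and the hash only ever covered the front of the pool (the "subset of the available entropy" in the Ubuntu text). The program below is an added illustration of that effect, not code from the kernel or from this tracker entry. The exact expressions `(__u8 *)pool + i` (before) and `(__u8 *)(pool + i)` (after) are reconstructed from the upstream fix commit referenced above and should be read as an assumption, as should the 128-word pool size and the 64-byte SHA block; the model does no hashing, it only counts which pool bytes a block transform would read under each address expression.

```c
/*
 * Added example, not code from the Linux kernel or from this tracker entry.
 * Models the address arithmetic of the pool-hashing loop in extract_buf()
 * before and after the "random: fix error in entropy extraction" change.
 * Assumptions: a 128-word input pool, a 64-byte (16-word) SHA block, and
 * the two address expressions shown in the comments below.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POOLWORDS 128                 /* assumed: pool size in 32-bit words */
#define POOLBYTES (POOLWORDS * 4)
#define SHA_BLOCK 64                  /* assumed: bytes consumed per sha_transform() */

/*
 * Walk the pool the way the extraction loop does (16 words per step) and
 * mark every byte that a block transform would read at that step.
 * Returns the number of distinct pool bytes that end up being hashed.
 * buggy != 0 selects the pre-fix address expression.
 */
int hashed_bytes(int buggy)
{
    uint32_t pool[POOLWORDS];
    uint8_t seen[POOLBYTES];
    const uint8_t *base = (const uint8_t *)pool;
    int i, j, count = 0;

    memset(pool, 0, sizeof pool);     /* contents are irrelevant to coverage */
    memset(seen, 0, sizeof seen);

    for (i = 0; i < POOLWORDS; i += 16) {
        const uint8_t *blk = buggy
            ? (const uint8_t *)pool + i       /* cast binds first: i is a BYTE offset */
            : (const uint8_t *)(pool + i);    /* fixed: i is a WORD offset (4*i bytes) */
        size_t off = (size_t)(blk - base);

        for (j = 0; j < SHA_BLOCK; j++) {
            if (off + j < POOLBYTES && !seen[off + j]) {
                seen[off + j] = 1;
                count++;
            }
        }
    }
    return count;
}

int main(void)
{
    printf("pool bytes                       : %d\n", POOLBYTES);
    printf("hashed with (__u8 *)pool + i     : %d\n", hashed_bytes(1));
    printf("hashed with (__u8 *)(pool + i)   : %d\n", hashed_bytes(0));
    return 0;
}
```

With the assumed 128-word pool the pre-fix expression reads only the first 176 bytes (overlapping 64-byte windows at byte offsets 0, 16, ..., 112), while the fixed expression covers all 512 bytes; the fix does not change how many transform calls run, only which bytes they see.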