Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD不安全随机数生成器信息泄露漏洞
Vulnerability Description
FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD的伪随机数生成模块实现上存在漏洞,本地攻击者可能利用此漏洞获取伪随机数据相关的信息。 在FreeBSD的sys_dev_random模块中,random(4)和urandom(4)设备在读取时会返回无穷的伪随机字节,加密算法通常依赖于这些伪随机值来确保安全。在某些环境下,random(4)和urandom(4)设备上内部状态追踪中的bug可能导致在之后的读取中重放分发的数据,这可能允许攻击者判断之前读取随机
CVSS Information
N/A
Vulnerability Type
N/A