CVE-2013-4345

Severity

57%

Complexity

86%

Confidentiality

81%

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.

Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.

CVSS 2.0 Base Score 5.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N).

Overview

First reported 11 years ago

2013-10-10 10:55:00

Last updated 5 years ago

2019-04-22 17:48:00

Affected Software

Linux Kernel 3.0 release candidate 1

3.0

Linux Kernel 3.0 release candidate 2

3.0

Linux Kernel 3.0 release candidate 3

3.0

Linux Kernel 3.0 release candidate 4

3.0

Linux Kernel 3.0 release candidate 5

3.0

Linux Kernel 3.0 release candidate 6

3.0

Linux Kernel 3.0 release candidate 7

3.0

Linux Kernel 3.0.1

3.0.1

Linux Kernel 3.0.2

3.0.2

Linux Kernel 3.0.3

3.0.3

Linux Kernel 3.0.4

3.0.4

Linux Kernel 3.0.5

3.0.5

Linux Kernel 3.0.6

3.0.6

Linux Kernel 3.0.7

3.0.7

Linux Kernel 3.0.8

3.0.8

Linux Kernel 3.0.9

3.0.9

Linux Kernel 3.0.10

3.0.10

Linux Kernel 3.0.11

3.0.11

Linux Kernel 3.0.12

3.0.12

Linux Kernel 3.0.13

3.0.13

Linux Kernel 3.0.14

3.0.14

Linux Kernel 3.0.15

3.0.15

Linux Kernel 3.0.16

3.0.16

Linux Kernel 3.0.17

3.0.17

Linux Kernel 3.0.18

3.0.18

Linux Kernel 3.0.19

3.0.19

Linux Kernel 3.0.20

3.0.20

Linux Kernel 3.0.21

3.0.21

Linux Kernel 3.0.22

3.0.22

Linux Kernel 3.0.23

3.0.23

Linux Kernel 3.0.24

3.0.24

Linux Kernel 3.0.25

3.0.25

Linux Kernel 3.0.26

3.0.26

Linux Kernel 3.0.27

3.0.27

Linux Kernel 3.0.28

3.0.28

Linux Kernel 3.0.29

3.0.29

Linux Kernel 3.0.30

3.0.30

Linux Kernel 3.0.31

3.0.31

Linux Kernel 3.0.32

3.0.32

Linux Kernel 3.0.33

3.0.33

Linux Kernel 3.0.34

3.0.34

Linux Kernel 3.0.35

3.0.35

Linux Kernel 3.0.36

3.0.36

Linux Kernel 3.0.37

3.0.37

Linux Kernel 3.0.38

3.0.38

Linux Kernel 3.0.39

3.0.39

Linux Kernel 3.0.40

3.0.40

Linux Kernel 3.0.41

3.0.41

Linux Kernel 3.0.42

3.0.42

Linux Kernel 3.0.43

3.0.43

Linux Kernel 3.0.44

3.0.44

Linux Kernel 3.0.45

3.0.45

Linux Kernel 3.0.46

3.0.46

Linux Kernel 3.0.47

3.0.47

Linux Kernel 3.0.48

3.0.48

Linux Kernel 3.0.49

3.0.49

Linux Kernel 3.0.50

3.0.50

Linux Kernel 3.0.51

3.0.51

Linux Kernel 3.0.52

3.0.52

Linux Kernel 3.0.53

3.0.53

Linux Kernel 3.0.54

3.0.54

Linux Kernel 3.0.55

3.0.55

Linux Kernel 3.0.56

3.0.56

Linux Kernel 3.0.57

3.0.57

Linux Kernel 3.0.58

3.0.58

Linux Kernel 3.0.59

3.0.59

Linux Kernel 3.0.60

3.0.60

Linux Kernel 3.0.61

3.0.61

Linux Kernel 3.0.62

3.0.62

Linux Kernel 3.0.63

3.0.63

Linux Kernel 3.0.64

3.0.64

Linux Kernel 3.0.65

3.0.65

Linux Kernel 3.0.66

3.0.66

Linux Kernel 3.0.67

3.0.67

Linux Kernel 3.0.68

3.0.68

Linux Kernel 3.1

3.1

Linux Kernel 3.1 release candidate 1

3.1

Linux Kernel 3.1 release candidate 2

3.1

Linux Kernel 3.1 release candidate 3

3.1

Linux Kernel 3.1 release candidate 4

3.1

Linux Kernel 3.1.1

3.1.1

Linux Kernel 3.1.2

3.1.2

Linux Kernel 3.1.3

3.1.3

Linux Kernel 3.1.4

3.1.4

Linux Kernel 3.1.5

3.1.5

Linux Kernel 3.1.6

3.1.6

Linux Kernel 3.1.7

3.1.7

Linux Kernel 3.1.8

3.1.8

Linux Kernel 3.1.9

3.1.9

Linux Kernel 3.1.10

3.1.10

Linux Kernel 3.2

3.2

Linux Kernel 3.2 (x86)

3.2

Linux Kernel 3.2 release candidate 2

3.2

Linux Kernel 3.2 release candidate 3

3.2

Linux Kernel 3.2 release candidate 4

3.2

Linux Kernel 3.2 release candidate 5

3.2

Linux Kernel 3.2 release candidate 6

3.2

Linux Kernel 3.2 release candidate 7

3.2

Linux Kernel 3.2.1

3.2.1

Linux Kernel 3.2.2

3.2.2

Linux Kernel 3.2.3

3.2.3

Linux Kernel 3.2.4

3.2.4

Linux Kernel 3.2.5

3.2.5

Linux Kernel 3.2.6

3.2.6

Linux Kernel 3.2.7

3.2.7

Linux Kernel 3.2.8

3.2.8

Linux Kernel 3.2.9

3.2.9

Linux Kernel 3.2.10

3.2.10

Linux Kernel 3.2.11

3.2.11

Linux Kernel 3.2.12

3.2.12

Linux Kernel 3.2.13

3.2.13

Linux Kernel 3.2.14

3.2.14

Linux Kernel 3.2.15

3.2.15

Linux Kernel 3.2.16

3.2.16

Linux Kernel 3.2.17

3.2.17

Linux Kernel 3.2.18

3.2.18

Linux Kernel 3.2.19

3.2.19

Linux Kernel 3.2.20

3.2.20

Linux Kernel 3.2.21

3.2.21

Linux Kernel 3.2.22

3.2.22

Linux Kernel 3.2.23

3.2.23

Linux Kernel 3.2.24

3.2.24

Linux Kernel 3.2.25

3.2.25

Linux Kernel 3.2.26

3.2.26

Linux Kernel 3.2.27

3.2.27

Linux Kernel 3.2.28

3.2.28

Linux Kernel 3.2.29

3.2.29

Linux Kernel 3.2.30

3.2.30

Linux Kernel 3.3

3.3

Linux Kernel 3.3 release candidate 1

3.3

Linux Kernel 3.3 release candidate 2

3.3

Linux Kernel 3.3 release candidate 3

3.3

Linux Kernel 3.3 release candidate 4

3.3

Linux Kernel 3.3 release candidate 5

3.3

Linux Kernel 3.3 release candidate 6

3.3

Linux Kernel 3.3 release candidate 7

3.3

Linux Kernel 3.3.1

3.3.1

Linux Kernel 3.3.2

3.3.2

Linux Kernel 3.3.3

3.3.3

Linux Kernel 3.3.4

3.3.4

Linux Kernel 3.3.5

3.3.5

Linux Kernel 3.3.6

3.3.6

Linux Kernel 3.3.7

3.3.7

Linux Kernel 3.3.8

3.3.8

Linux Kernel 3.4

3.4

Linux Kernel 3.4 release candidate 1

3.4

Linux Kernel 3.4 release candidate 2

3.4

Linux Kernel 3.4 release candidate 3

3.4

Linux Kernel 3.4 release candidate 3 (x86)

3.4

Linux Kernel 3.4 release candidate 4

3.4

Linux Kernel 3.4 release candidate 5

3.4

Linux Kernel 3.4 release candidate 6

3.4

Linux Kernel 3.4 release candidate 7

3.4

Linux Kernel 3.4.1

3.4.1

Linux Kernel 3.4.2

3.4.2

Linux Kernel 3.4.3

3.4.3

Linux Kernel 3.4.4

3.4.4

Linux Kernel 3.4.5

3.4.5

Linux Kernel 3.4.6

3.4.6

Linux Kernel 3.4.7

3.4.7

Linux Kernel 3.4.8

3.4.8

Linux Kernel 3.4.9

3.4.9

Linux Kernel 3.4.10

3.4.10

Linux Kernel 3.4.11

3.4.11

Linux Kernel 3.4.12

3.4.12

Linux Kernel 3.4.13

3.4.13

Linux Kernel 3.4.14

3.4.14

Linux Kernel 3.4.15

3.4.15

Linux Kernel 3.4.16

3.4.16

Linux Kernel 3.4.17

3.4.17

Linux Kernel 3.4.18

3.4.18

Linux Kernel 3.4.19

3.4.19

Linux Kernel 3.4.20

3.4.20

Linux Kernel 3.4.21

3.4.21

Linux Kernel 3.4.22

3.4.22

Linux Kernel 3.4.23

3.4.23

Linux Kernel 3.4.24

3.4.24

Linux Kernel 3.4.25

3.4.25

Linux Kernel 3.4.26

3.4.26

Linux Kernel 3.4.27

3.4.27

Linux Kernel 3.4.28

3.4.28

Linux Kernel 3.4.29

3.4.29

Linux Kernel 3.4.30

3.4.30

Linux Kernel 3.4.31

3.4.31

Linux Kernel 3.4.32

3.4.32

Linux Kernel 3.5.1

3.5.1

Linux Kernel 3.5.2

3.5.2

Linux Kernel 3.5.3

3.5.3

Linux Kernel 3.5.4

3.5.4

Linux Kernel 3.5.5

3.5.5

Linux Kernel 3.5.6

3.5.6

Linux Kernel 3.5.7

3.5.7

Linux Kernel 3.6

3.6

Linux Kernel 3.6.1

3.6.1

Linux Kernel 3.6.2

3.6.2

Linux Kernel 3.6.3

3.6.3

Linux Kernel 3.6.4

3.6.4

Linux Kernel 3.6.5

3.6.5

Linux Kernel 3.6.6

3.6.6

Linux Kernel 3.6.7

3.6.7

Linux Kernel 3.6.8

3.6.8

Linux Kernel 3.6.9

3.6.9

Linux Kernel 3.6.10

3.6.10

Linux Kernel 3.6.11

3.6.11

Linux Kernel 3.7

3.7

Linux Kernel 3.7.1

3.7.1

Linux Kernel 3.7.2

3.7.2

Linux Kernel 3.7.3

3.7.3

Linux Kernel 3.7.4

3.7.4

Linux Kernel 3.7.5

3.7.5

Linux Kernel 3.7.6

3.7.6

Linux Kernel 3.7.7

3.7.7

Linux Kernel 3.7.8

3.7.8

Linux Kernel 3.7.9

3.7.9

Linux Kernel 3.7.10

3.7.10

Linux Kernel 3.8.0

3.8.0

Linux Kernel 3.8.1

3.8.1

Linux Kernel 3.8.2

3.8.2

Linux Kernel 3.8.3

3.8.3

Linux Kernel 3.8.4

3.8.4

Linux Kernel 3.8.5

3.8.5

Linux Kernel 3.8.6

3.8.6

Linux Kernel 3.8.7

3.8.7

Linux Kernel 3.8.8

3.8.8

Linux Kernel 3.8.9

3.8.9

Linux Kernel 3.8.10

3.8.10

Linux Kernel 3.8.11

3.8.11

Linux Kernel 3.8.12

3.8.12

Linux Kernel 3.8.13

3.8.13

Linux Kernel 3.9 release candidate 1

3.9

Linux Kernel 3.9 release candidate 2

3.9

Linux Kernel 3.9 release candidate 3

3.9

Linux Kernel 3.9 release candidate 4

3.9

Linux Kernel 3.9 release candidate 5

3.9

Linux Kernel 3.9 release candidate 6

3.9

Linux Kernel 3.9 release candidate 7

3.9

Linux Kernel 3.9.0

3.9.0

Linux Kernel 3.9.1

3.9.1

Linux Kernel 3.9.2

3.9.2

Linux Kernel 3.9.3

3.9.3

Linux Kernel 3.9.4

3.9.4

Linux Kernel 3.9.5

3.9.5

Linux Kernel 3.9.6

3.9.6

Linux Kernel 3.9.7

3.9.7

Linux Kernel 3.9.8

3.9.8

Linux Kernel 3.9.9

3.9.9

Linux Kernel 3.9.10

3.9.10

Linux Kernel 3.9.11

3.9.11

Linux Kernel 3.10.1

3.10.1

Linux Kernel 3.10.2

3.10.2

Linux Kernel 3.10.3

3.10.3

Linux Kernel 3.10.4

3.10.4

Linux Kernel 3.10.5

3.10.5

Linux Kernel 3.10.6

3.10.6

Linux Kernel 3.10.7

3.10.7

Linux Kernel 3.10.8

3.10.8

Linux Kernel 3.10.9

3.10.9

Linux Kernel 3.10.10

3.10.10

Linux Kernel 3.10.11

3.10.11

Linux Kernel 3.10.2

3.10.12

Linux Kernel 3.11

3.11

Linux Kernel 3.11.1

3.11.1

Linux Kernel 3.11.2

3.11.2

Linux Kernel 3.11.3

3.11.3

Linux Kernel

RedHat Enterprise MRG 2.0

2.0

RedHat Enterprise MRG 2.1

2.1

RedHat Enterprise MRG 2.2

2.2

RedHat Enterprise MRG 2.3

2.3

RedHat Enterprise MRG 2.4

2.4

Fedora 18

18

Fedora 19

19

Red Hat Enterprise Linux 5

5

Red Hat Enterprise Linux 6.0

6.0

References

[linux-crypto] 20130917 [PATCH] ansi_cprng: Fix off by one error in non-block size request

Patch

RHSA-2013:1449

RHSA-2013:1490

RHSA-2013:1645

62740

USN-2064-1

USN-2065-1

USN-2068-1

USN-2070-1

USN-2071-1

USN-2072-1

USN-2074-1

USN-2075-1

USN-2076-1

USN-2109-1

USN-2110-1

USN-2158-1

https://bugzilla.redhat.com/show_bug.cgi?id=1007690

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.