Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 23 Mar 2012 12:55:10 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: "Todd C. Miller" <Todd.Miller@...rtesan.com>
Subject: Re: CVE for OpenBSD random() bug?

On 03/22/2012 07:24 AM, Todd C. Miller wrote:
>> It would seem this fits into the "weaker then advertised" class of
>> security problem. Thoughts/comments (anyone strongly against this)?
> 
> Since random(3) is not a cryptographically secure random function
> I'm not sure that is makes sense to assign a CVE.
> 
> I suppose it really depends on the likelihood of someone calling
> srandom(0); I don't know why anyone would do that on purpose.  If
> you must use random(3) instead of something stronger like arc4random(3),
> it is possible to seed the PRNG via /dev/arandom using srandomdev(3)
> or set the seed state manually via initstate(3), both of which
> provide more than just 32 bits of seed data.
> 
>  - todd

I guess if no-one thought it would be used insecurely it wouldn't need
to be fixed ;). Also not all security uses of randomness are strictly
crypto related (e.g. array seeds to defeat HashDoS, etc.).

Please use CVE-2012-1577 for this issue.


-- 
Kurt Seifried Red Hat Security Response Team (SRT)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.