Date: Thu, 16 Jan 2020 23:21:52 -0500 From: Jeffrey Walton <noloader@...il.com> To: oss-security@...ts.openwall.com Subject: Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume This just made my radar. It appears some AMD cpus with RDRAND fail to produce random numbers after a suspend/resume. It looks like it was first reported in 2014 or so. Kernel bug: * https://bugzilla.kernel.org/show_bug.cgi?id=85911 Systemd bug: * https://github.com/systemd/systemd/issues/11810 Fedora bug: * https://bugzilla.redhat.com/show_bug.cgi?id=1150286 AMD patch: * https://lore.kernel.org/patchwork/patch/1115413/ I agree with Lennart Poettering. This seems CVE worthy given RDRAND is often used to get the kernel generator (and other userland generators) in good working order. (Thanks to https://www.phoronix.com/scan.php?page=news_item&px=AMD-CPUs-RdRand-Suspend for the article and links).
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.