In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
References
Link | Resource |
---|---|
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory |
https://arxiv.org/pdf/2112.09604.pdf | Third Party Advisory |
Configurations
History
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-338 |
Information
Published : 2021-12-25 02:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-45484
Mitre link : CVE-2021-45484
CVE.ORG link : CVE-2021-45484
JSON object : View
Products Affected
netbsd
- netbsd
CWE
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)