CVE Vulnerabilities

CVE-2024-27632

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

Published: Apr 08, 2024 | Modified: Aug 16, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.

Weakness

The product uses a Pseudo-Random Number Generator (PRNG) but does not correctly manage seeds.

Extended Description

	   PRNGs are deterministic and, while their output appears
	   random, they cannot actually create entropy. They rely on
	   cryptographically secure and unique seeds for entropy so
	   proper seeding is critical to the secure operation of the
	   PRNG.

	   Management of seeds could be broken down into two main areas:
	   

		 
		 
	   

		   PRNGs require a seed as input to generate a stream of
		   numbers that are functionally indistinguishable from
		   random numbers.  While the output is, in many cases,
		   sufficient for cryptographic uses, the output of any
		   PRNG is directly determined by the seed provided as
		   input. If the seed can be ascertained by a third party,
		   the entire output of the PRNG can be made known to
		   them. As such, the seed should be kept secret and
		   should ideally not be able to be guessed. For example,
		   the current time may be a poor seed. Knowing the
		   approximate time the PRNG was seeded greatly reduces
		   the possible key space.
		 

		   Seeds do not necessarily need to be unique, but reusing seeds may open up attacks if the seed is discovered.

References