Weekly Vulnerabilities Reports > September 14 to 20, 2009
Overview
1 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 0 high severity vulnerabilities. This weekly summary report vulnerabilities in 5 products from 4 vendors including Linux, Opensuse, Suse, and Canonical. Vulnerabilities are notably categorized as and "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)".
- Linux has the most reported vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
0 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
1 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-09-18 | CVE-2009-3238 | Linux Canonical Opensuse Suse | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time." | 5.5 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|