kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #22160
[Bug 1229981] Re: CVE-2013-4345
** Description changed:
- ansi_cprng off-by-one
+ Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c
+ in the Linux kernel through 3.11.4 makes it easier for context-dependent
+ attackers to defeat cryptographic protection mechanisms via multiple
+ requests for small amounts of data, leading to improper management of
+ the state of the consumed data.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1229981
Title:
CVE-2013-4345
Status in “linux” package in Ubuntu:
New
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
New
Status in “linux” source package in Lucid:
New
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
New
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
New
Status in “linux-armadaxp” source package in Precise:
New
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
New
Status in “linux-lts-raring” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux” source package in Quantal:
New
Status in “linux-armadaxp” source package in Quantal:
New
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
New
Status in “linux-lts-backport-natty” source package in Quantal:
New
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
New
Status in “linux” source package in Raring:
New
Status in “linux-armadaxp” source package in Raring:
Invalid
Status in “linux-ec2” source package in Raring:
Invalid
Status in “linux-fsl-imx51” source package in Raring:
Invalid
Status in “linux-lts-backport-maverick” source package in Raring:
New
Status in “linux-lts-backport-natty” source package in Raring:
New
Status in “linux-lts-quantal” source package in Raring:
Invalid
Status in “linux-lts-raring” source package in Raring:
Invalid
Status in “linux-mvl-dove” source package in Raring:
Invalid
Status in “linux-ti-omap4” source package in Raring:
New
Status in “linux” source package in Saucy:
New
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
New
Status in “linux-lts-backport-natty” source package in Saucy:
New
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
New
Bug description:
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c
in the Linux kernel through 3.11.4 makes it easier for context-
dependent attackers to defeat cryptographic protection mechanisms via
multiple requests for small amounts of data, leading to improper
management of the state of the consumed data.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1229981/+subscriptions
References