** Description changed: - ansi_cprng off-by-one + Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c + in the Linux kernel through 3.11.4 makes it easier for context-dependent + attackers to defeat cryptographic protection mechanisms via multiple + requests for small amounts of data, leading to improper management of + the state of the consumed data.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1229981 Title: CVE-2013-4345 Status in “linux” package in Ubuntu: New Status in “linux-armadaxp” package in Ubuntu: Invalid Status in “linux-ec2” package in Ubuntu: Invalid Status in “linux-fsl-imx51” package in Ubuntu: Invalid Status in “linux-lts-backport-maverick” package in Ubuntu: New Status in “linux-lts-backport-natty” package in Ubuntu: New Status in “linux-lts-quantal” package in Ubuntu: Invalid Status in “linux-lts-raring” package in Ubuntu: Invalid Status in “linux-mvl-dove” package in Ubuntu: Invalid Status in “linux-ti-omap4” package in Ubuntu: New Status in “linux” source package in Lucid: New Status in “linux-armadaxp” source package in Lucid: Invalid Status in “linux-ec2” source package in Lucid: New Status in “linux-fsl-imx51” source package in Lucid: Invalid Status in “linux-lts-backport-maverick” source package in Lucid: New Status in “linux-lts-backport-natty” source package in Lucid: New Status in “linux-lts-quantal” source package in Lucid: Invalid Status in “linux-lts-raring” source package in Lucid: Invalid Status in “linux-mvl-dove” source package in Lucid: Invalid Status in “linux-ti-omap4” source package in Lucid: Invalid Status in “linux” source package in Precise: New Status in “linux-armadaxp” source package in Precise: New Status in “linux-ec2” source package in Precise: Invalid Status in “linux-fsl-imx51” source package in Precise: Invalid Status in “linux-lts-backport-maverick” source package in Precise: New Status in “linux-lts-backport-natty” source package in Precise: New Status in “linux-lts-quantal” source package in Precise: New Status in “linux-lts-raring” source package in Precise: New Status in “linux-mvl-dove” source package in Precise: Invalid Status in “linux-ti-omap4” source package in Precise: New Status in “linux” source package in Quantal: New Status in “linux-armadaxp” source package in Quantal: New Status in “linux-ec2” source package in Quantal: Invalid Status in “linux-fsl-imx51” source package in Quantal: Invalid Status in “linux-lts-backport-maverick” source package in Quantal: New Status in “linux-lts-backport-natty” source package in Quantal: New Status in “linux-lts-quantal” source package in Quantal: Invalid Status in “linux-lts-raring” source package in Quantal: Invalid Status in “linux-mvl-dove” source package in Quantal: Invalid Status in “linux-ti-omap4” source package in Quantal: New Status in “linux” source package in Raring: New Status in “linux-armadaxp” source package in Raring: Invalid Status in “linux-ec2” source package in Raring: Invalid Status in “linux-fsl-imx51” source package in Raring: Invalid Status in “linux-lts-backport-maverick” source package in Raring: New Status in “linux-lts-backport-natty” source package in Raring: New Status in “linux-lts-quantal” source package in Raring: Invalid Status in “linux-lts-raring” source package in Raring: Invalid Status in “linux-mvl-dove” source package in Raring: Invalid Status in “linux-ti-omap4” source package in Raring: New Status in “linux” source package in Saucy: New Status in “linux-armadaxp” source package in Saucy: Invalid Status in “linux-ec2” source package in Saucy: Invalid Status in “linux-fsl-imx51” source package in Saucy: Invalid Status in “linux-lts-backport-maverick” source package in Saucy: New Status in “linux-lts-backport-natty” source package in Saucy: New Status in “linux-lts-quantal” source package in Saucy: Invalid Status in “linux-lts-raring” source package in Saucy: Invalid Status in “linux-mvl-dove” source package in Saucy: Invalid Status in “linux-ti-omap4” source package in Saucy: New Bug description: Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context- dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1229981/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
