On Mon, 2013-11-25 at 11:16 +0000, Luis Henriques wrote:
> Hi,
>
> I believe the following commit should be included in all stable
> kernels, as it fixes CVE-2013-4345:
>
> commit 714b33d15130cbb5ab426456d4e3de842d6c5b8a
> Author: Neil Horman <nhorman@xxxxxxxxxxxxx>
> Date:   Tue Sep 17 08:33:11 2013 -0400
>
>     crypto: ansi_cprng - Fix off by one error in non-block size request
>
>     Stephan Mueller reported to me recently an error in random number generation in
>     the ansi cprng. If several small requests are made that are less than the
>     instance's block size, the remainder for loop code doesn't increment
>     rand_data_valid in the last iteration, meaning that the last bytes in the
>     rand_data buffer get reused on the subsequent smaller-than-a-block request for
>     random data.
>
>     The fix is pretty easy, just re-code the for loop to make sure that
>     rand_data_valid gets incremented appropriately

I've queued this up for 3.2, thanks.

Ben.

-- 
Ben Hutchings
Kids!  Bringing about Armageddon can be dangerous.  Do not attempt it in
your own home. - Terry Pratchett and Neil Gaiman, `Good Omens'
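
An added example, not the kernel's code and not part of the mail above: a simplified C model of the off-by-one the quoted commit message describes, with the remainder loop before and after it is recoded. Only `rand_data` and `rand_data_valid` are names from the message; `model_ctx`, `get_bytes`, `reused`, `BLK` and the counter that stands in for cipher output are assumptions made for illustration.

```c
#include <stdio.h>

#define BLK 16                      /* stands in for the instance's block size */

struct model_ctx {                  /* hypothetical, simplified generator state */
    unsigned char rand_data[BLK];
    unsigned int rand_data_valid;   /* index of the next unused byte */
    unsigned char next;             /* counter standing in for cipher output */
};

static void get_bytes(struct model_ctx *c, unsigned char *out, size_t n, int fixed)
{
    while (n) {
        if (c->rand_data_valid == BLK) {    /* buffer used up: "generate" a block */
            for (int i = 0; i < BLK; i++)
                c->rand_data[i] = c->next++;
            c->rand_data_valid = 0;
        }
        if (!fixed) {   /* increment sits in the for header, so the early return skips it */
            for (; c->rand_data_valid < BLK; c->rand_data_valid++) {
                *out++ = c->rand_data[c->rand_data_valid];
                if (--n == 0)
                    return;         /* index still points at the byte just returned */
            }
        } else {        /* recoded loop: increment happens before the exit check */
            while (c->rand_data_valid < BLK) {
                *out++ = c->rand_data[c->rand_data_valid++];
                if (--n == 0)
                    return;
            }
        }
    }
}

/* Two back-to-back 4-byte requests: does the second start with the first's last byte? */
static int reused(int fixed)
{
    struct model_ctx c = { .rand_data_valid = BLK };
    unsigned char a[4], b[4];
    get_bytes(&c, a, sizeof a, fixed);
    get_bytes(&c, b, sizeof b, fixed);
    return b[0] == a[sizeof a - 1];
}

int main(void)
{
    printf("last byte reused: old loop %d, recoded loop %d\n", reused(0), reused(1));
    return 0;
}
```

A regression test for this class of bug issues several sub-block requests in a row and checks that no output position is served twice, since a single request never exposes the stale index.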