CVE-2024-45751

Sept. 10, 2024, 12:15 p.m.

None
No Score

Description

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

Product(s) Impacted

Product Versions
tgt (Linux target framework)
  • ['before 1.0.93']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://github.com/fujita/tgt/compare/v1.0.92...v1.0.93
https://github.com/fujita/tgt/pull/67
https://www.openwall.com/lists/oss-security/2024/09/07/2

Tags

cve@mitre.org
2024-09-06
CVE-2024-45751

Timeline

Published: Sept. 6, 2024, 5:15 a.m.
Last Modified: Sept. 10, 2024, 12:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.