How severe is CVE-2024-45751?

CVE-2024-45751 has a CVSS v3 score of 5.9 (MEDIUM).

CVE-2024-45751

5.9MEDIUM

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

Опубликовано: 9/6/2024Обновлено: 11/30/2024

Описание

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

ИИ-АнализНа базе ИИ

Ссылки

https://github.com/fujita/tgt/compare/v1.0.92...v1.0.93
https://github.com/fujita/tgt/pull/67
https://www.openwall.com/lists/oss-security/2024/09/07/2
http://www.openwall.com/lists/oss-security/2024/09/07/2
https://lists.debian.org/debian-lts-announce/2024/11/msg00033.html