tgt v1.0.93 Flaw: Non-Random Sequence of Challenges

CVE-2024-45751
Currently unrated 🤨

Key Information

Vendor
tgt (aka Linux target framework)
Vendor
CVE Published:
6 September 2024

Summary

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.