tgt v1.0.93 Flaw: Non-Random Sequence of Challenges
CVE-2024-45751
Currently unrated
Key Information:
- Vendor
- tgt (aka Linux target framework)
- Vendor
- CVE Published:
- 6 September 2024
Summary
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.
References
Timeline
Vulnerability published
Vulnerability Reserved