CVE-2024-45751

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-45751

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45751.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-45751

Related

Published

2024-09-06T05:15:13Z

Modified

2025-01-14T12:16:03.342540Z

Summary

[none]

Details

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

References

Affected packages

Debian:11 / tgt

Package

Name: tgt
Purl: pkg:deb/debian/tgt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.80-1+deb11u1

Affected versions

1:1.*

1:1.0.80-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / tgt

Package

Name: tgt
Purl: pkg:deb/debian/tgt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.85-1+deb12u1

Affected versions

1:1.*

1:1.0.85-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / tgt

Package

Name: tgt
Purl: pkg:deb/debian/tgt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.85-1.3

Affected versions

1:1.*

1:1.0.85-1

1:1.0.85-1.1

1:1.0.85-1.2

Ecosystem specific

{
    "urgency": "not yet assigned"
}