1571 matches found
CVE-2026-11625
Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...
EUVD-2026-39640
Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...
CVE-2026-53162
A flaw was found in the Linux kernel's memory cgroup memcg subsystem. When a non-maskable interrupt NMI occurs during an update of the system's random number generation state, it can lead to corruption of that state. This issue can result in memory cgroup charge draining, potentially causing syst...
PT-2026-51729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The jent kcapi random function serializes the shared jitterentropy state by holding a spinlock during the jent read entropy call. Because this process involves expensive jitter collectio...
JLSEC-2026-622 Predictable WebSocket masking key and handshake nonce in HTTP.jl client
Description The WebSocket client masking key wssendframe! and the Sec-WebSocket-Key handshake nonce wsrandomhandshakekey were generated with randUInt8, n, which draws from the task-local Xoshiro256++ PRNG. Xoshiro is not cryptographically secure: its internal state can be recovered from a short r...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Netfilter: Use getrandomu32 instead of prandom. This issue may occur when updating the per-cpu rndstate from the user context, i.e., at the localout path. BUG: Using smpprocessorid in preemptible 00000000 code: nginx/2725 Caller:...
Steganography without Modification: Hidden Communication Via LLM Seeds
We demonstrate that widely deployed Large Language Model LLM inference stacks harbor a steganographic channel that requires no modification to model weights, sampling code, or output distributions. The channel exploits a structural property of deterministic decoding: pseudo-random number generato...
CVE-2025-59614
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2026-3290
Timing limitations of the HRNG in RS9116 when power save mode is enabled results in predictable values...
EUVD-2025-210027
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2025-59614
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2025-59614
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2025-59614 Out-of-bounds Write in Windows Compute
Memory Corruption when sending random number generator command with insufficient output buffer size...
CVE-2025-59614
Technical details for CVE-2025-59614 are not publicly available in the provided documents. Monitor for updates from NVD and Qualcomm security bulletins.
CVE-2025-59614 Out-of-bounds Write in Windows Compute
Memory Corruption when sending random number generator command with insufficient output buffer size...
PT-2026-45637
Memory Corruption when sending random number generator command with insufficient output buffer size...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient output buffer size during the execution of random number generator commands, leading to memory corruption...
USN-8325-1: tgt vulnerability
It was discovered that tgt incorrectly tried to achieve entropy by calling rand without srand. An attacker could possibly use this issue to make tgt generate an identical sequence of challenges, resulting in authentication bypass...
USN-8325-1 tgt vulnerability
It was discovered that tgt incorrectly tried to achieve entropy by calling rand without srand. An attacker could possibly use this issue to make tgt generate an identical sequence of challenges, resulting in authentication bypass...
CVE-2026-46075
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...