ubuntu · CVE-2007-5502

Quick triage

Priority: negligible Published: 2007-12-01 06:46:00 UTC Updated: 2024-07-24 15:57:39 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2007-5502 negligible priority: Ubuntu including 1 source packages (openssl), 5 status rows across 5 suites (dapper, edgy, feisty, gutsy, upstream): not-affected 4, needs-triage 1.

Description:

The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.

cvelogic Threat Intelligence