Unrated severityNVD Advisory· Published Aug 13, 2007· Updated Jun 16, 2026

CVE-2007-4311

Description

The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <=2.4.34
Linux/Linux kernelllm-fuzzy
Range: <2.4.35

Patches

Vulnerability mechanics

References

secunia.com/advisories/29058nvdVendor Advisory
www.vupen.com/english/advisories/2007/2690nvdVendor Advisory
git.kernel.orgnvd
git.kernel.orgnvd
www.debian.org/security/2008/dsa-1503nvd
www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34.6nvd
www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35nvd
www.securityfocus.com/bid/25029nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000