High severity7.0NVD Advisory· Published Nov 26, 2008· Updated Jun 16, 2026
CVE-2008-5162
CVE-2008-5162
Description
The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
31cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*range: >=6.4,<7.0
- cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.3:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.3:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.3:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.3:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.3:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.0:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.0:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.0:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.0:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.0:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p13:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p14:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p15:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p16:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:rc1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:7.1:rc2:*:*:*:*:*:*
- Range: 6.3 - 7.1
Patches
Vulnerability mechanics
References
5- security.freebsd.org/advisories/FreeBSD-SA-08:11.arc4random.ascnvdVendor Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/32447nvdBroken LinkThird Party AdvisoryVDB Entry
- osvdb.org/50137nvdBroken Link
- secunia.com/advisories/32871nvdBroken Link
News mentions
0No linked articles in our index yet.