Unrated severity · NVD Advisory · Published May 31, 2011 · Updated Apr 29, 2026

CVE-2011-0766

CVE-2011-0766

Description

The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.

Affected products

  • cpe:2.3:a:erlang:crypto:*:*:*:*:*:*:*:*
    Range: <=2.0.2.1
  • Erlang/OTP (erlang\/otp), 10 versions
    • cpe:2.3:a:erlang:erlang\/otp:r11b-5:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r12b-5:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r13b:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r13b02-1:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r13b03:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r13b04:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r14a:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r14b:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r14b01:*:*:*:*:*:*:*
    • cpe:2.3:a:erlang:erlang\/otp:r14b02:*:*:*:*:*:*:*
  • cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
    Range: <=2.0.4

Patches

f228601de45c

Merge branch 'maint-r14' into dev

https://github.com/erlang/otp · Niclas Eklund · Apr 20, 2011 · via nvd-ref
11 files changed · +213 68
  • lib/crypto/c_src/crypto.c+61 0 modified
    @@ -134,7 +134,9 @@ static ERL_NIF_TERM des_ede3_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_T
     static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM aes_ctr_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM rand_bytes_1(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
    +static ERL_NIF_TERM strong_rand_bytes_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
    +static ERL_NIF_TERM strong_rand_mpint_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM rand_uniform_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM mod_exp_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
     static ERL_NIF_TERM dss_verify(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
    @@ -204,7 +206,9 @@ static ErlNifFunc nif_funcs[] = {
         {"aes_ctr_encrypt", 3, aes_ctr_encrypt},
         {"aes_ctr_decrypt", 3, aes_ctr_encrypt},
         {"rand_bytes", 1, rand_bytes_1},
    +    {"strong_rand_bytes_nif", 1, strong_rand_bytes_nif},
         {"rand_bytes", 3, rand_bytes_3},
    +    {"strong_rand_mpint_nif", 3, strong_rand_mpint_nif},
         {"rand_uniform_nif", 2, rand_uniform_nif},
         {"mod_exp_nif", 3, mod_exp_nif},
         {"dss_verify", 4, dss_verify},
    @@ -704,6 +708,22 @@ static ERL_NIF_TERM rand_bytes_1(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar
         ERL_VALGRIND_MAKE_MEM_DEFINED(data, bytes);
         return ret;
     }
    +static ERL_NIF_TERM strong_rand_bytes_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
    +{/* (Bytes) */     
    +    unsigned bytes;
    +    unsigned char* data;
    +    ERL_NIF_TERM ret;
    +    if (!enif_get_uint(env, argv[0], &bytes)) {
    +	return enif_make_badarg(env);
    +    }
    +    data = enif_make_new_binary(env, bytes, &ret);
    +    if ( RAND_bytes(data, bytes) != 1) {
    +        return atom_false;
    +    }
    +    ERL_VALGRIND_MAKE_MEM_DEFINED(data, bytes);
    +    return ret;
    +}
    +
     static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
     {/* (Bytes, TopMask, BottomMask) */    
         unsigned bytes;
    @@ -724,6 +744,47 @@ static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar
         }
         return ret;
     }
    +static ERL_NIF_TERM strong_rand_mpint_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
    +{/* (Bytes, TopMask, BottomMask) */    
    +    unsigned bits;
    +    BIGNUM *bn_rand;
    +    int top, bottom;
    +    unsigned char* data;
    +    unsigned dlen;
    +    ERL_NIF_TERM ret;
    +    if (!enif_get_uint(env, argv[0], &bits)
    +	|| !enif_get_int(env, argv[1], &top)
    +	|| !enif_get_int(env, argv[2], &bottom)) {
    +	return enif_make_badarg(env);
    +    }
    +    if (! (top == -1 || top == 0 || top == 1) ) {
    +        return enif_make_badarg(env);
    +    }
    +    if (! (bottom == 0 || bottom == 1) ) {
    +        return enif_make_badarg(env);
    +    }
    +
    +    bn_rand = BN_new();
    +    if (! bn_rand ) {
    +        return enif_make_badarg(env);
    +    }
    +
    +    /* Get a (bits) bit random number */
    +    if (!BN_rand(bn_rand, bits, top, bottom)) {
    +        ret = atom_false;
    +    }
    +    else {
    +	/* Copy the bignum into an erlang mpint binary. */
    +	dlen = BN_num_bytes(bn_rand);
    +	data = enif_make_new_binary(env, dlen+4, &ret);
    +	put_int32(data, dlen);
    +	BN_bn2bin(bn_rand, data+4);
    +	ERL_VALGRIND_MAKE_MEM_DEFINED(data+4, dlen);
    +    }
    +    BN_free(bn_rand);
    +
    +    return ret;
    +}
     
     static int get_bn_from_mpint(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
     {
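Review bot: The parameter comment on strong_rand_mpint_nif, `{/* (Bytes, TopMask, BottomMask) */`, was carried over from rand_bytes_3 and no longer describes this function, which reads `bits`, `top` and `bottom` and passes them straight to BN_rand; it should read `{/* (Bits, Top, Bottom) */`. In the same function a failed `BN_new()` is reported with `enif_make_badarg(env)`, so an allocation failure is indistinguishable to the caller from a wrongly typed argument, and the Erlang wrapper only translates `false`; returning `atom_false` there (or a distinct atom the wrapper maps to its own reason) would keep the badarg path reserved for argument errors. The return of `enif_make_new_binary` at the two allocation sites is not checked either; whether it can return NULL on this NIF API version is not visible from the hunk, so confirm before relying on it.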
    
  • lib/crypto/doc/src/crypto.xml+41 1 modified
    @@ -4,7 +4,7 @@
     <erlref>
       <header>
         <copyright>
    -      <year>1999</year><year>2010</year>
    +      <year>1999</year><year>2011</year>
           <holder>Ericsson AB. All Rights Reserved.</holder>
         </copyright>
         <legalnotice>
    @@ -618,6 +618,21 @@ Mpint() = <![CDATA[<<ByteLen:32/integer-big, Bytes:ByteLen/binary>>]]>
               number generator.</p>
           </desc>
         </func>
    +    <func>
    +      <name>strong_rand_bytes(N) -> binary()</name>
    +      <fsummary>Generate a binary of random bytes</fsummary>
    +      <type>
    +        <v>N = integer()</v>
    +      </type>
    +      <desc>
    +        <p>Generates N bytes randomly uniform 0..255, and returns the
    +        result in a binary. Uses a cryptographically secure prng seeded and
    +        periodically mixed with operating system provided entropy. By default
    +        this is the <c>RAND_bytes</c> method from OpenSSL.</p>
    +	<p>May throw exception <c>low_entropy</c> in case the random generator
    +	failed due to lack of secure "randomness".</p>
    +      </desc>
    +    </func>
         <func>
           <name>rand_uniform(Lo, Hi) -> N</name>
           <fsummary>Generate a random number</fsummary>
    @@ -632,6 +647,31 @@ Mpint() = <![CDATA[<<ByteLen:32/integer-big, Bytes:ByteLen/binary>>]]>
               multi-precision integers.</p>
           </desc>
         </func>
    +    <func>
    +      <name>strong_rand_mpint(N, Top, Bottom) -> Mpint</name>
    +      <fsummary>Generate an N bit random number</fsummary>
    +      <type>
    +        <v>N = non_neg_integer()</v>
    +        <v>Top = -1 | 0 | 1</v>
    +        <v>Bottom = 0 | 1</v>
    +        <v>Mpint = binary()</v>
    +      </type>
    +      <desc>
    +        <p>Generate an N bit random number using OpenSSL's
    +        cryptographically strong pseudo random number generator
    +        <c>BN_rand</c>.</p>
    +        <p>The parameter <c>Top</c> places constraints on the most
    +        significant bits of the generated number. If <c>Top</c> is 1, then the
    +        two most significant bits will be set to 1, if <c>Top</c> is 0, the
    +        most significant bit will be 1, and if <c>Top</c> is -1 then no
    +        constraints are applied and thus the generated number may be less than
    +        N bits long.</p>
    +        <p>If <c>Bottom</c> is 1, then the generated number is
    +        constrained to be odd.</p>
    +	<p>May throw exception <c>low_entropy</c> in case the random generator
    +	failed due to lack of secure "randomness".</p>
    +      </desc>
    +    </func>
         <func>
           <name>mod_exp(N, P, M) -> Result</name>
           <fsummary>Perform N ^ P mod M</fsummary>
    
  • lib/crypto/doc/src/notes.xml+16 1 modified
    @@ -4,7 +4,7 @@
     <chapter>
       <header>
         <copyright>
    -      <year>1999</year><year>2010</year>
    +      <year>1999</year><year>2011</year>
           <holder>Ericsson AB. All Rights Reserved.</holder>
         </copyright>
         <legalnotice>
    @@ -30,6 +30,21 @@
       </header>
       <p>This document describes the changes made to the Crypto application.</p>
     
    +<section><title>Crypto 2.0.2.2</title>
    +
    +    <section><title>Improvements and New Features</title>
    +      <list>
    +        <item>
    +          <p>
    +	    Strengthened random number generation. (Thanks to Geoff Cant)</p>
    +          <p>
    +	    Own Id: OTP-9225</p>
    +        </item>
    +      </list>
    +    </section>
    +
    +</section>
    +
     <section><title>Crypto 2.0.2.1</title>
     
         <section><title>Improvements and New Features</title>
    
  • lib/crypto/src/crypto.erl+24 1 modified
    @@ -1,7 +1,7 @@
     %%
     %% %CopyrightBegin%
     %%
    -%% Copyright Ericsson AB 1999-2010. All Rights Reserved.
    +%% Copyright Ericsson AB 1999-2011. All Rights Reserved.
     %%
     %% The contents of this file are subject to the Erlang Public License,
     %% Version 1.1, (the "License"); you may not use this file except in
    @@ -46,6 +46,7 @@
     -export([rsa_private_encrypt/3, rsa_public_decrypt/3]).
     -export([dh_generate_key/1, dh_generate_key/2, dh_compute_key/3]).
     -export([rand_bytes/1, rand_bytes/3, rand_uniform/2]).
    +-export([strong_rand_bytes/1, strong_rand_mpint/3]).
     -export([mod_exp/3, mpint/1, erlint/1]).
     %% -export([idea_cbc_encrypt/3, idea_cbc_decrypt/3]).
     -export([aes_cbc_128_encrypt/3, aes_cbc_128_decrypt/3]).
    @@ -68,6 +69,8 @@
     		    des_ede3_cbc_encrypt, des_ede3_cbc_decrypt,
     		    aes_cfb_128_encrypt, aes_cfb_128_decrypt,
     		    rand_bytes,
    +		    strong_rand_bytes,
    +		    strong_rand_mpint,
     		    rand_uniform,
     		    mod_exp,
     		    dss_verify,dss_sign,
    @@ -361,12 +364,32 @@ aes_cfb_128_crypt(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
     %% RAND - pseudo random numbers using RN_ functions in crypto lib
     %%
     -spec rand_bytes(non_neg_integer()) -> binary().
    +-spec strong_rand_bytes(non_neg_integer()) -> binary().
     -spec rand_uniform(crypto_integer(), crypto_integer()) ->
     			  crypto_integer().
    +-spec strong_rand_mpint(Bits::non_neg_integer(),
    +			Top::-1..1,
    +			Bottom::0..1) -> binary().
     
     rand_bytes(_Bytes) -> ?nif_stub.
    +
    +strong_rand_bytes(Bytes) ->
    +    case strong_rand_bytes_nif(Bytes) of
    +        false -> erlang:error(low_entropy);
    +        Bin -> Bin
    +    end.
    +strong_rand_bytes_nif(_Bytes) -> ?nif_stub.
    +
     rand_bytes(_Bytes, _Topmask, _Bottommask) -> ?nif_stub.
     
    +strong_rand_mpint(Bits, Top, Bottom) -> 
    +    case strong_rand_mpint_nif(Bits,Top,Bottom) of
    +        false -> erlang:error(low_entropy);
    +        Bin -> Bin
    +    end.
    +strong_rand_mpint_nif(_Bits, _Top, _Bottom) -> ?nif_stub.
    +
    +
     rand_uniform(From,To) when is_binary(From), is_binary(To) ->
         case rand_uniform_nif(From,To) of
     	<<Len:32/integer, MSB, Rest/binary>> when MSB > 127 ->
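Review bot: The two new wrappers, strong_rand_bytes/1 and strong_rand_mpint/3, turn a `false` from the NIF into `erlang:error(low_entropy)`, but nothing near the `-spec` lines says so, and the section header above still only mentions "pseudo random numbers using RN_ functions". A short comment above the wrappers, such as `%% Strong (OpenSSL RAND_bytes / BN_rand) variants; raise error(low_entropy) when the NIF returns false because the OpenSSL RNG reported failure.`, would make the exception part of the documented contract that callers such as ssh_bits now depend on. The `false` sentinel itself is safe here because a binary can never compare equal to an atom, which is worth stating in that comment as well.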
    
  • lib/crypto/test/crypto_SUITE.erl+31 2 modified
    @@ -46,6 +46,7 @@
     	 aes_ctr/1,
     	 mod_exp_test/1,
     	 rand_uniform_test/1,
    +	 strong_rand_test/1,
     	 rsa_verify_test/1,
     	 dsa_verify_test/1,
     	 rsa_sign_test/1,
    @@ -68,7 +69,8 @@ all() ->
          md5_mac_io, sha, sha_update, 
          %% sha256, sha256_update, sha512,sha512_update,
          des_cbc, aes_cfb, aes_cbc,
    -     aes_cbc_iter, aes_ctr, des_cbc_iter, des_ecb, rand_uniform_test,
    +     aes_cbc_iter, aes_ctr, des_cbc_iter, des_ecb,
    +     rand_uniform_test, strong_rand_test,
          rsa_verify_test, dsa_verify_test, rsa_sign_test,
          dsa_sign_test, rsa_encrypt_decrypt, dh, exor_test,
          rc4_test, rc4_stream_test, mod_exp_test, blowfish_cfb64,
    @@ -708,6 +710,33 @@ rand_uniform_aux_test(N) ->
         ?line t(R1 < H),
         ?line rand_uniform_aux_test(N-1).
     
    +%%
    +%%
    +strong_rand_test(doc) ->
    +    "strong_rand_mpint and strong_random_bytes testing";
    +strong_rand_test(suite) ->
    +    [];
    +strong_rand_test(Config) when is_list(Config) ->
    +    strong_rand_aux_test(180),
    +    ?line 10 = byte_size(crypto:strong_rand_bytes(10)).
    +
    +strong_rand_aux_test(0) ->
    +    ?line t(crypto:strong_rand_mpint(0,0,0) =:= <<0,0,0,0>>),
    +    ok;
    +strong_rand_aux_test(1) ->
    +    ?line t(crypto:erlint(crypto:strong_rand_mpint(1,0,1)) =:= 1),
    +    ?line strong_rand_aux_test(0);
    +strong_rand_aux_test(N) ->
    +    ?line t(sru_length(crypto:strong_rand_mpint(N,-1,0)) =< N),
    +    ?line t(sru_length(crypto:strong_rand_mpint(N,0,0)) =:= N),
    +    ?line t(crypto:erlint(crypto:strong_rand_mpint(N,0,1)) band 1 =:= 1),
    +    ?line t(crypto:erlint(crypto:strong_rand_mpint(N,1,0)) bsr (N - 2) =:= 2#11),
    +    ?line strong_rand_aux_test(N-1).
    +
    +sru_length(Mpint) ->
    +    I = crypto:erlint(Mpint),
    +    length(erlang:integer_to_list(I, 2)).
    +
     %%
     %%
     %%
    @@ -1097,7 +1126,7 @@ worker_loop(0, _) ->
         ok;
     worker_loop(N, Config) ->
         Funcs = { md5, md5_update, md5_mac, md5_mac_io, sha, sha_update, des_cbc,
    -	      aes_cfb, aes_cbc, des_cbc_iter, rand_uniform_test, 
    +	      aes_cfb, aes_cbc, des_cbc_iter, rand_uniform_test, strong_rand_test,
     	      rsa_verify_test, exor_test, rc4_test, rc4_stream_test, mod_exp_test },
     
         F = element(random:uniform(size(Funcs)),Funcs),
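Review bot: The doc clause of strong_rand_test names a function that does not exist, `"strong_rand_mpint and strong_random_bytes testing"`; it should read `"strong_rand_mpint and strong_rand_bytes testing"` to match the exported name under test. In strong_rand_aux_test(0), the assertion that `crypto:strong_rand_mpint(0,0,0)` yields `<<0,0,0,0>>` asks BN_rand for a zero-bit number while also requesting the most-significant-bit constraint (Top = 0); whether OpenSSL accepts that combination or reports failure appears to depend on the library version, so the test may be more robust with Top = -1 for the zero-bit case, or with an explicit check that the error path surfaces as `low_entropy`. The zero-length case of strong_rand_bytes/1 is not exercised at all; `?line <<>> = crypto:strong_rand_bytes(0)` would cover it.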
    
  • lib/crypto/vsn.mk+1 1 modified
    @@ -1 +1 @@
    -CRYPTO_VSN = 2.0.2.1
    +CRYPTO_VSN = 2.0.2.2
    
  • lib/ssh/doc/src/notes.xml+13 0 modified
    @@ -29,6 +29,19 @@
         <file>notes.xml</file>
       </header>
     
    +<section><title>Ssh 2.0.5</title>
    +    <section><title>Improvements and New Features</title>
    +      <list>
    +        <item>
    +          <p>
    +            Strengthened random number generation. (Thanks to Geoff Cant)</p>
    +          <p>
    +            Own Id: OTP-9225</p>
    +        </item>
    +      </list>
    +    </section>
    +</section>
    +
     <section><title>Ssh 2.0.4</title>
         <section><title>Fixed Bugs and Malfunctions</title>
           <list>
    
  • lib/ssh/src/ssh.appup.src+18 8 modified
    @@ -19,34 +19,44 @@
     
     {"%VSN%",	
      [
    -  {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []},
    +  {"2.0.4", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]},
    +  {"2.0.3", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
    +             {load_module, ssh_file, soft_purge, soft_purge, []},
                  {load_module, ssh, soft_purge, soft_purge, []},
                  {load_module, ssh_rsa, soft_purge, soft_purge, []},
                  {load_module, ssh_acceptor, soft_purge, soft_purge, []},
                  {load_module, ssh_transport, soft_purge, soft_purge, []},
                  {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]},
    -  {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []},
    +  {"2.0.2", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
    +             {load_module, ssh_file, soft_purge, soft_purge, []},
                  {load_module, ssh, soft_purge, soft_purge, []},
                  {load_module, ssh_rsa, soft_purge, soft_purge, []},
                  {load_module, ssh_acceptor, soft_purge, soft_purge, []},
                  {load_module, ssh_transport, soft_purge, soft_purge, []},
    -             {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]},
    -  {"2.0.1", [{restart_application, ssh}]}
    +             {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}
      ],
      [
    -  {"2.0.3", [{load_module, ssh_file, soft_purge, soft_purge, []},
    +  {"2.0.4", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []}]},
    +  {"2.0.3", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
    +             {load_module, ssh_file, soft_purge, soft_purge, []},
                  {load_module, ssh, soft_purge, soft_purge, []},
                  {load_module, ssh_rsa, soft_purge, soft_purge, []},
                  {load_module, ssh_acceptor, soft_purge, soft_purge, []},
                  {load_module, ssh_transport, soft_purge, soft_purge, []},
                  {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]},
    -  {"2.0.2", [{load_module, ssh_file, soft_purge, soft_purge, []},
    +  {"2.0.2", [{load_module, ssh_bits, soft_purge, soft_purge, []},
    +             {load_module, ssh_connection_handler, soft_purge, soft_purge, []},
    +             {load_module, ssh_file, soft_purge, soft_purge, []},
                  {load_module, ssh, soft_purge, soft_purge, []},
                  {load_module, ssh_rsa, soft_purge, soft_purge, []},
                  {load_module, ssh_acceptor, soft_purge, soft_purge, []},
                  {load_module, ssh_transport, soft_purge, soft_purge, []},
    -             {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]},
    -  {"2.0.1", [{restart_application, ssh}]}
    +             {load_module, ssh_connection_manager, soft_purge, soft_purge, []}]}
      ]
     }.
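Review bot: The `{"2.0.1", [{restart_application, ssh}]}` entries are removed from both the upgrade and downgrade lists (the lines ending each list at L408 and L432 in the old side), so this appup no longer describes any path from or to 2.0.1; if that is intended, the release notes for 2.0.5 should say so, and if not, the two entries should be restored unchanged. Separately, the new ssh_bits loaded by every entry calls `crypto:strong_rand_mpint/3` and `crypto:strong_rand_bytes/1`, which only exist from crypto 2.0.2.2, so during a hot upgrade ssh_bits must not be loaded before the crypto upgrade has completed; an appup cannot express that ordering, so it needs to be captured in the relup or the upgrade instructions for this release.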
     
    
  • lib/ssh/src/ssh_bits.erl+6 50 modified
    @@ -1,7 +1,7 @@
     %%
     %% %CopyrightBegin%
     %%
    -%% Copyright Ericsson AB 2005-2010. All Rights Reserved.
    +%% Copyright Ericsson AB 2005-2011. All Rights Reserved.
     %%
     %% The contents of this file are subject to the Erlang Public License,
     %% Version 1.1, (the "License"); you may not use this file except in
    @@ -34,7 +34,7 @@
     %% integer utils
     -export([isize/1]).
     -export([irandom/1, irandom/3]).
    --export([random/1, random/3]).
    +-export([random/1]).
     -export([xor_bits/2, fill_bits/2]).
     -export([i2bin/2, bin2i/1]).
     
    @@ -401,9 +401,6 @@ xor_bits(XBits, YBits) ->
     irandom(Bits) ->
         irandom(Bits, 1, 0).
     
    -%% irandom_odd(Bits) ->
    -%%     irandom(Bits, 1, 1).
    -
     %%
     %% irandom(N, Top, Bottom)
     %%
    @@ -414,57 +411,16 @@ irandom(Bits) ->
     %%       Bot = 0 - do not set the least signifcant bit
     %%       Bot = 1 - set the least signifcant bit (i.e always odd)
     %%
    -irandom(0, _Top, _Bottom) -> 
    -    0;
    -irandom(Bits, Top, Bottom) ->
    -    Bytes = (Bits+7) div 8,
    -    Skip  = (8-(Bits rem 8)) rem 8,
    -    TMask = case Top of
    -		  0 -> 0;
    -		  1 -> 16#80;
    -		  2 -> 16#c0
    -	      end,
    -    BMask = case Bottom of
    -		0 -> 0;
    -		1 -> (1 bsl Skip)
    -	    end,
    -    <<X:Bits/big-unsigned-integer, _:Skip>> = random(Bytes, TMask, BMask),
    -    X.
    +irandom(Bits, Top, Bottom) when is_integer(Top),
    +                                0 =< Top, Top =< 2 ->
    +    crypto:erlint(crypto:strong_rand_mpint(Bits, Top - 1, Bottom)).
     
     %%
     %% random/1
     %%   Generate N random bytes
     %%
     random(N) ->
    -    random(N, 0, 0).
    -
    -random(N, TMask, BMask) ->
    -    list_to_binary(rnd(N, TMask, BMask)).
    -
    -%% random/3
    -%%   random(Bytes, TopMask, BotMask)
    -%% where 
    -%% Bytes is the number of bytes to generate
    -%% TopMask is bitwised or'ed to the first byte
    -%% BotMask is bitwised or'ed to the last byte
    -%%
    -rnd(0, _TMask, _BMask) ->
    -    [];
    -rnd(1, TMask, BMask) ->
    -    [(rand8() bor TMask) bor BMask];
    -rnd(N, TMask, BMask) ->
    -    [(rand8() bor TMask) | rnd_n(N-1, BMask)].
    -
    -rnd_n(1, BMask) ->
    -    [rand8() bor BMask];
    -rnd_n(I, BMask) ->
    -    [rand8() | rnd_n(I-1, BMask)].
    -
    -rand8() ->
    -    (rand32() bsr 8) band 16#ff.
    -
    -rand32() ->
    -    random:uniform(16#100000000) -1.
    +    crypto:strong_rand_bytes(N).
     
     %%
     %% Base 64 encode/decode
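Review bot: The old `irandom(0, _Top, _Bottom) -> 0;` clause is dropped, so irandom/3 with Bits = 0 now goes through BN_rand with the Top/Bottom constraints applied to a zero-bit number, and whether that returns zero or fails with `low_entropy` is decided by the OpenSSL version rather than by this module; restoring the clause `irandom(0, _Top, _Bottom) -> 0;` ahead of the guarded clause would preserve the previous contract at no cost. The export change from `-export([random/1, random/3]).` to `-export([random/1]).` removes a public function; no remaining caller of ssh_bits:random/3 is visible in this commit, but that cannot be confirmed from the diff alone and is worth an xref run. The header comment above irandom/3 still documents Top as 0, 1 or 2, which stays accurate because the guard keeps that range and the `Top - 1` shift maps it onto BN_rand's -1..1.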
    
  • lib/ssh/src/ssh_connection_handler.erl+1 3 modified
    @@ -1,7 +1,7 @@
     %%
     %% %CopyrightBegin%
     %%
    -%% Copyright Ericsson AB 2008-2010. All Rights Reserved.
    +%% Copyright Ericsson AB 2008-2011. All Rights Reserved.
     %%
     %% The contents of this file are subject to the Erlang Public License,
     %% Version 1.1, (the "License"); you may not use this file except in
    @@ -106,8 +106,6 @@ peer_address(ConnectionHandler) ->
     %% initialize. 
     %%--------------------------------------------------------------------
     init([Role, Manager, Socket, SshOpts]) ->
    -    {A,B,C} = erlang:now(),
    -    random:seed(A, B, C),
         {NumVsn, StrVsn} = ssh_transport:versions(Role, SshOpts),
         ssh_bits:install_messages(ssh_transport:transport_messages(NumVsn)),
         {Protocol, Callback, CloseTag} = 
    
  • lib/ssh/vsn.mk+1 1 modified
    @@ -1,5 +1,5 @@
     #-*-makefile-*-   ; force emacs to enter makefile-mode
     
    -SSH_VSN = 2.0.4
    +SSH_VSN = 2.0.5
     APP_VSN    = "ssh-$(SSH_VSN)"
     
    


