CVE-2024-45751
Publication date 6 September 2024
Last updated 19 September 2024
Ubuntu priority
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.
Status
Package | Ubuntu Release | Status |
---|---|---|
iscsitarget | 24.10 oracular | Not in release |
24.04 LTS noble | Not in release | |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
16.04 LTS xenial |
Needs evaluation
|
|
tgt | 24.10 oracular |
Needs evaluation
|
24.04 LTS noble |
Needs evaluation
|
|
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal |
Fixed 1:1.0.79-2ubuntu1.1
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
|
14.04 LTS trusty | Ignored end of ESM support, was needs-triage |
Notes
References
Related Ubuntu Security Notices (USN)
- USN-7024-1
- tgt vulnerability
- 19 September 2024