Changes

Jump to navigation Jump to search
Line 1,047: Line 1,047:  
| June 11, 2024
 
| June 11, 2024
 
| [[User:Yellows8|yellows8]] (sysupdate diff)
 
| [[User:Yellows8|yellows8]] (sysupdate diff)
 +
|-
 +
| [[SSL_services|ssl]] broken RNG
 +
| [[SSL_services|ssl]] uses nn::os::GenerateRandomBytes, but not [[SPL_services|spl]] GenerateRandomBytes. See the RNG entries elsewhere. This is used to seed the NSS global RNG (drbg.c, RNG_GenerateGlobalRandomBytes etc).
 +
 +
If one could somehow determine the data which was returned by nn::os::GenerateRandomBytes during seeding (which is likely difficult), the global RNG would be broken.
 +
 +
With [19.0.0+] nn::os::GenerateRandomBytes usage was replaced with [[SPL_services|spl]] GenerateRandomBytes.
 +
| Breaking [[SSL_services|ssl]] global RNG -> potentially predict RNG data (keys(?)) during TLS comms.
 +
| [[19.0.0]]
 +
| [[19.0.0]]
 +
| December 14, 2021
 +
| October 8, 2024
 +
| [[User:Yellows8|yellows8]]
 
|}
 
|}
  

Navigation menu