{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2009-3238","title":"Title"},{"category":"description","text":"The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to \"return the same value over and over again for long stretches of time.\"","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2009-3238","url":"https://www.suse.com/security/cve/CVE-2009-3238"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 541658 for CVE-2009-3238","url":"https://bugzilla.suse.com/541658"},{"category":"external","summary":"Advisory link for SUSE-SA:2009:054","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MCVC6IAJSMAHKCEXE4OZYZAM4H2TQQKJ/#MCVC6IAJSMAHKCEXE4OZYZAM4H2TQQKJ"},{"category":"external","summary":"Advisory link for SUSE-SA:2009:055","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NTZFKAYEX5AMATOLRDBX7VRLGHI7ZA2G/#NTZFKAYEX5AMATOLRDBX7VRLGHI7ZA2G"},{"category":"external","summary":"Advisory link for SUSE-SA:2010:012","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VOKMCX2E7RFNL3MQBKUR5MTUYN2PLRY7/#VOKMCX2E7RFNL3MQBKUR5MTUYN2PLRY7"}],"title":"SUSE CVE CVE-2009-3238","tracking":{"current_release_date":"2023-12-09T03:35:51Z","generator":{"date":"2023-02-15T06:02:37Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2009-3238","initial_release_date":"2023-02-15T06:02:37Z","revision_history":[{"date":"2023-02-15T06:02:37Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:12:57Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:35:51Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}