Weak random source in RT-Thread rt_random driver
Hi,
I would like to report another potential vulnerability in the current version of RT-Thread. Please let me know if you plan to ask for a CVE ID in case the vulnerability is confirmed. I'm available if you need further clarifications.
Weak random source in RT-Thread rt_random driver
Summary
I noticed a weak random source at the following location in the RT-Thread rt_random driver source code: https://github.com/RT-Thread/rt-thread/blob/master/components/drivers/misc/rt_random.c#L16-L28
Details
Weak random generator in the calc_random() function:
static rt_uint16_t calc_random(void)
{
    seed = 214013L * seed + 2531011L;
    return (seed >> 16) & 0x7FFF; /* return bits 16~30 */
}

static rt_ssize_t random_read(rt_device_t dev, rt_off_t pos, void *buffer, rt_size_t size)
{
    rt_uint16_t rand = calc_random(); /* VULN: weak random source */
    ssize_t ret = sizeof(rand);
    rt_memcpy(buffer, &rand, ret);
    return ret;
}
Impact
If the reported weak random generator is used in a security context, such as cryptographic operations, it can expose the system to a number of attacks aimed at breaking encryption.
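An added example, not part of the original report or of RT-Thread's code: a host-side C model of the calc_random() arithmetic quoted above, checking that the output is fully determined by the seed and that each 2-byte read carries at most 15 bits. The 32-bit seed type (its declaration is not shown in the report), the helper names, the 16-byte key length and the seed value 12345 are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Host-side model of calc_random() from the report. Assumption: the seed
 * is a 32-bit unsigned value (its declaration is not shown in the report). */
static uint16_t model_calc_random(uint32_t *seed)
{
    *seed = 214013u * *seed + 2531011u;
    return (uint16_t)((*seed >> 16) & 0x7FFF);
}

/* Fills a buffer the way repeated reads would: 2 bytes per generator step. */
static void model_fill(uint32_t seed, uint8_t *out, size_t len)
{
    for (size_t i = 0; i + 1 < len; i += 2) {
        uint16_t r = model_calc_random(&seed);
        memcpy(out + i, &r, sizeof r);
    }
}

/* Returns 1 if two generators started from the same seed produce the same
 * 16-byte "key": the key carries no entropy beyond the seed itself. */
int same_seed_same_key(uint32_t seed)
{
    uint8_t a[16], b[16];
    model_fill(seed, a, sizeof a);
    model_fill(seed, b, sizeof b);
    return memcmp(a, b, sizeof a) == 0;
}

/* ORs n consecutive outputs together; bit 15 is never set, so each
 * 2-byte read carries at most 15 bits. */
uint16_t observed_output_mask(uint32_t seed, size_t n)
{
    uint16_t mask = 0;
    while (n--)
        mask |= model_calc_random(&seed);
    return mask;
}

int main(void)
{
    /* 12345 is a constructed sample seed. */
    printf("same seed -> same key: %d\n", same_seed_same_key(12345u));
    printf("output mask over 100000 reads: 0x%04X\n",
           (unsigned)observed_output_mask(12345u, 100000));
    return 0;
}
```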
Hi, it's been one month since I reported this vulnerability, and I wanted to ask if you have any update. As standard practice, I plan to request a CVE ID for every confirmed vulnerability. I also intend to publish an advisory by February at the latest, unless there's a specific reason to postpone. Thanks!
Hi there, CVE-2024-25389 was assigned to this vulnerability. I'm planning to publish my security advisory and writeup on March 5th. Thanks.