Linux Quietly Makes It Harder To Guess Network RNG's Internal State
Written by Michael Larabel in Linux Networking on 29 July 2020 at 08:43 PM EDT.
Merged today to mainline for Linux 5.8 Git and also marked for back-porting is a change to make it more difficult to guess the network random number generator's internal state. It looks like it could be for a yet-to-be-published vulnerability.

Hitting the Linux kernel Git tree today was "random32: update the net random state on interrupt and activity". With that change, the first 32 bits out of the 128 bits of a random CPU's "net_rand_state" are now modified on interrupt or CPU activity. This is being done "to complicate remote observations that could lead to guessing the network RNG's internal state."

Depending upon the system configuration, this re-seeding could happen on every network packet or, in some cases, less often, depending upon the frequency of timer interrupts, if any. The commit therefore also updates the state when there is user or system activity, to ensure it's harder to guess the contents of the random state.
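Why touching only the first 32 bits of a 128-bit state is enough to throw off an observer can be seen in a small model. This is an added example, not code from the kernel patch or from the article: it assumes a taus113-style combined Tausworthe generator with four 32-bit state words, and `perturb_on_event`, the additive mixing, the seed and the noise value are hypothetical stand-ins for whatever the kernel mixes in on interrupt or activity.

```c
#include <stdint.h>
#include <stdio.h>

/* 128-bit generator state as four 32-bit words (assumed layout). */
struct rnd_state { uint32_t s1, s2, s3, s4; };

/* One Tausworthe component step (taus113 constants, an assumption of this example). */
#define TAUSWORTHE(s, a, b, c, d) \
    ((((s) & (c)) << (d)) ^ ((((s) << (a)) ^ (s)) >> (b)))

/* Advance the state and return the next 32-bit output. */
static uint32_t prandom_step(struct rnd_state *st)
{
    st->s1 = TAUSWORTHE(st->s1,  6U, 13U, 4294967294U, 18U);
    st->s2 = TAUSWORTHE(st->s2,  2U, 27U, 4294967288U,  2U);
    st->s3 = TAUSWORTHE(st->s3, 13U, 21U, 4294967280U,  7U);
    st->s4 = TAUSWORTHE(st->s4,  3U, 12U, 4294967168U, 13U);
    return st->s1 ^ st->s2 ^ st->s3 ^ st->s4;
}

/* Hypothetical model of the mitigation: fold event-derived noise
 * into the first 32 bits only; s2..s4 are left untouched. */
static void perturb_on_event(struct rnd_state *st, uint32_t noise)
{
    st->s1 += noise;
}

/* An observer holds an exact copy of the live state. The live state is
 * then perturbed once; return how many of the next n outputs the copy
 * still predicts correctly. */
static int tracked_matches(uint32_t noise, int n)
{
    /* Constructed seed, not taken from any real system. */
    struct rnd_state live = { 0x12345678U, 0x9abcdef0U, 0x0fedcba9U, 0x87654321U };
    struct rnd_state copy = live;
    int same = 0;

    perturb_on_event(&live, noise);
    for (int i = 0; i < n; i++)
        same += (prandom_step(&live) == prandom_step(&copy));
    return same;
}

int main(void)
{
    printf("no perturbation:   %d/16 outputs predicted\n", tracked_matches(0, 16));
    printf("with perturbation: %d/16 outputs predicted\n", tracked_matches(0x5eed1234U, 16));
    return 0;
}
```

Every output is the XOR of all four words, so a single unknown change to `s1` invalidates a tracked copy from the next output onward, and repeating the change on each interrupt or tick keeps it invalid.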

This patch doesn't appear to have been on the Linux kernel mailing list or netdev, or even discussed on any public mailing lists, based upon some quick searches. The patch does note that this matter was reported by Amit Klein, a security researcher who has reported Linux kernel vulnerabilities in the past and has presented research at various security conferences.

The code is marked for back-porting to the stable series, so it should in turn get picked up by the various Linux distribution kernels soon. We'll see if anything more comes of this around potentially guessing the network RNG's internal state, as it's quite possible the kernel was just quietly being patched ahead of a formal public disclosure in the near future.
About The Author

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.
