The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "265949335257160421048841755726896411418", "85740715644680951153291244963308001139", "265097868211723783790988614324628926567", "269572859882643590182705241053724691719", "217761889960474336027687829965283839789", "23842665874019155791647334962148317314", "94123984677896839415871256317920164235" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-092332d7", "target": { "file": "include/linux/random.h" } }, { "digest": { "function_hash": "326832777949439493399467446424294968615", "length": 201.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-0a0e09b3", "target": { "file": "lib/random32.c", "function": "prandom_seed" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "107562766937772993160365134240240111693", "104016285908153339688381071319494674617", "82348832145861357319721213900466045708", "211652220109442969856897795672568345046", "232806145868666657769219587235973487701", "204892034185886898621130095680721841787", "205400366021416542173259916174363738301", "283485590326334381899329065818198825580" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-0cbbed50", "target": { "file": "kernel/time/timer.c" } }, { "digest": { "function_hash": "182352792773969128843561063483327307544", "length": 257.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-1127ee4b", "target": { "file": "lib/random32.c", "function": "prandom_init" } }, { "digest": { "function_hash": "268487496132962904167786797659700083339", "length": 272.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-12d0a0c5", "target": { "file": "lib/random32.c", "function": "__prandom_reseed" } }, { "digest": { "function_hash": "173834400814014433730095382831755899652", "length": 48.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-241184d0", "target": { "file": "lib/random32.c", "function": "prandom_reseed_late" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "16726728339820330302805424614909062718", "245236867552351374897125464696846583454", "323447556509522466601061674293532679130", "233976827887606040999910621422603527013", "127916094393917831709937177740830706279", "101920680442683228414682746939121346388", "273204223819617986267241446131378230268", "113996355843109161834805582950857810001", "322009040725051354306267638404004385744", "280249795953055191157421977308050679019", "304349002635577602888448295222258488975", "151767182064987752179835782971672450191", "175007579074034948146706850629910176268", "80982283697126777006160665460019836159", "32656978644498317621998180380658866778", "224352300167342454254401174444918637648", "120852716782507842996330866558326699995", "212952646032890256538140576852972495137", "15687746294340906011367966441994787074", "300287011638809130727082152389451926561", "57388144232998659422052863462844830548", "46111764447175766986042499715755341773", "257488966128572820247772233781446936073", "131704858648615555197356140635740991537", "234868721512567583878323275825116658993", "115307667090658642082220110862925966504", "129148431636991017655314298115603490172", "193512046370951454181434350899031671289", "87817370349554731906687094408689980207", "247391060993673446109624545899550947734", "224218869386913357847995155608658121799", "9957445756505584857184548541698004337", "288509392571623445518718819962072011463", "65842044324954046695003196973665509510", "46476099543795526458555645046693286464", "328473324236220168759233897639515714929", "161393296413588525682530126279464615995", "21852891039772984304403478300725434092", "191105190011057617876258885078792164113", "269150487328208191595489713651637672439", "313329944252290548924030487168314468291", "258313570199017994554014231714390079915", "73211179819444419091352941265816856252", "30710787088496843559002373798233212731", "330211248255760171161732721960092981222", "174121837321773701067165690604019565879", "288908586361309306427750962628879889781", "258614567279600338248543975336323322218", "286084294779048471794760005474559312171", "6343274895828974103161078170890864494", "51064611198207557544389447191757780370", "24105274213930076902870792467129052289", "87220807428575483940585422581264242271", "293887601435361787669871038418801173520", "292777209557722463016931954309960665783", "294572689024341274828394174206578437484", "298102537537243406710831949948666099450", "276600115298090765622092535211427586182", "12038813519924885491011855064046016664", "278319750842092654678710702066862264779", "200125010632864296405172773329855349844", "140038116380008364628679287679720798853", "236559718500318223592645647651329620976", "19605361625695954652267408574230334076", "143599649143363778886330366481811313732", "218306271750892625050143414544045519743", "60828887194703969615453682621530027183", "72434492530079774036378704400121634846", "31428340274784037851433706485008653619", "204381609006704950651108279987393013714", "50414416826218915614093537265377550950", "114659225451904395224735685436865512993", "248148311750190698691769865131856197905", "296868192778197301474080124949266238998", "142980219164113297807737231419095535903", "205856906134346878809220535217771531586", "128645970414887992426859311795334270573", "292297876278454027381913277874854838479", "121495466297231144416908737828576770132", "67405396939263229517666044604345292765", "209051450114751003316027111065286172215", "42827343646986195754876439486145533735", "340044658331948194993229280044417615788", "291746185097074046497624160932353686742", "195837331551685103861469630344007379003", "13433602584039878713526927773849798045", "263273184839831062419988264637228477179", "111096863027782223915164200243211992197", "218893641293987487171396716088017706610", "313637328569079993746036302202669862330", "203497063884698681152303038634990175316", "63844735431227152817179967471848823541", "339229471485285295754401760012132602239", "153981182853865429172161458619193069258", "156714336289667714947069943868209065235", "2732133711026950868244044340175880646", "337945105138057110823985916731730984829", "315493041033415121444254558845285235159", "158035200300840291260248115158696319944", "271781218722231518683167978436444148114", "84049833307949702611719468377059612833", "138017217642435869506243117013753067569", "298542731452296609467225295331227773578", "308850471675568207984932728307177494461", "329382121872688153317757187667327528770", "315590684418487453527228463468713091162", "334518519936950214476239823191576712533", "9330400264836097468680581061464676499", "236358610990509923876934167780566881143", "34184054038084465214117163193694555888", "287913380563496721400516957389396425390", "81031951282078142382735895082584759738", "217003365812375251618210668458132463394", "217080590761033857316079398867061657998", "228993603283764983447910519664047140841", "214690177221944417932697337699745321528", "170268876578607102385385337037494829129", "233858486672451104446000021552034697336", "213420155228371929272731207026745552233", "226633495662210727329698352431752166567", "281590946868311686296420094138608786076", "198245570384485656447184776613315250673", "99509751459171094297520055665403325896", "289754641807434457689547236122595291303", "105655790925203736461780679081430858130", "10916130699980172074637256378767158040", "49879033732599813142400018996082648422" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-24e8c355", "target": { "file": "lib/random32.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "166354849177060281583539957075506706224", "187936885302486139452677858702319139299", "326553390951715087738623742353217830717", "219813707536490148700255150731588888106" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-27bff679", "target": { "file": "lib/random32.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "166354849177060281583539957075506706224", "187936885302486139452677858702319139299", "326553390951715087738623742353217830717", "219813707536490148700255150731588888106" ] }, "source": "https://github.com/torvalds/linux/commit/f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-295a034e", "target": { "file": "lib/random32.c" } }, { "digest": { "function_hash": "79340473955832497481365095866370715949", "length": 173.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-43b40371", "target": { "file": "lib/random32.c", "function": "prandom_u32" } }, { "digest": { "function_hash": "115026700328936182282778238313760976228", "length": 1300.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-449aaa56", "target": { "file": "drivers/char/random.c", "function": "add_interrupt_randomness" } }, { "digest": { "function_hash": "333697551854604376255826658735425873566", "length": 161.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-4c48e980", "target": { "file": "lib/random32.c", "function": "prandom_bytes" } }, { "digest": { "function_hash": "246736796113117748958070330683252227483", "length": 129.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-63408019", "target": { "file": "lib/random32.c", "function": "__prandom_start_seed_timer" } }, { "digest": { "function_hash": "3290002043445062103358589006611326880", "length": 878.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-691982d2", "target": { "file": "lib/random32.c", "function": "prandom_state_selftest" } }, { "digest": { "function_hash": "282373511222138384244418046792794174115", "length": 82.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-76df5979", "target": { "file": "lib/random32.c", "function": "prandom_reseed" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "90042087283916599073823448960212522987", "178030991254917928316036172638623501817", "44544136855834203923829507870578872295", "124485986115586439062429392883221287735" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-cc87906d", "target": { "file": "drivers/char/random.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "231103250990958947290071549691085441279", "218659662602463324195247360071413958095", "312655539637843847773433603262245166105", "297939308420693132596392187222348276458", "255646024000837076618148436672252612620", "172099049909133373350484985143582850463", "270915742309122838985392154324863006452" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-df946ec3", "target": { "file": "include/linux/prandom.h" } }, { "digest": { "function_hash": "325733315633356623344880730488680062885", "length": 329.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-dfc25614", "target": { "file": "kernel/time/timer.c", "function": "update_process_times" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "265949335257160421048841755726896411418", "85740715644680951153291244963308001139", "265097868211723783790988614324628926567", "269572859882643590182705241053724691719", "217761889960474336027687829965283839789", "23842665874019155791647334962148317314", "94123984677896839415871256317920164235" ] }, "source": "https://github.com/torvalds/linux/commit/f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-e3f7de33", "target": { "file": "include/linux/random.h" } }, { "digest": { "function_hash": "331792420478174667224384291503534077716", "length": 253.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-e671c901", "target": { "file": "lib/random32.c", "function": "__prandom_timer" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "107562766937772993160365134240240111693", "104016285908153339688381071319494674617", "82348832145861357319721213900466045708", "211652220109442969856897795672568345046", "232806145868666657769219587235973487701", "204892034185886898621130095680721841787", "205400366021416542173259916174363738301", "283485590326334381899329065818198825580" ] }, "source": "https://github.com/torvalds/linux/commit/f227e3ec3b5cad859ad15666874405e8c1bbc1d4", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-e99ce6b5", "target": { "file": "kernel/time/timer.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "85148093402031256380155773198511294625", "287286755794764136287337392708361870537", "322356748811448517179086792032053340203", "191115646868855623427198699255311488469" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@c51f8f88d705e06bd696d7510aff22b33eb8e638", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-16166-ea4777fa", "target": { "file": "kernel/time/timer.c" } } ] }