{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-08-08T22:06:12.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"},{"name":"[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"name":"[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/2"},{"name":"20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2020/Feb/26"},{"tags":["x_refsource_MISC"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"},{"name":"[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"},{"name":"[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2019-10064","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389","refsource":"MISC","url":"https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"},{"name":"[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"name":"[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2020/02/27/2"},{"name":"20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2020/Feb/26"},{"name":"http://www.openwall.com/lists/oss-security/2020/02/27/1","refsource":"MISC","url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"name":"http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"},{"name":"[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"},{"name":"[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:10:09.430Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"},{"name":"[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"name":"[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/2"},{"name":"20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2020/Feb/26"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2020/02/27/1"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"},{"name":"[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"},{"name":"[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2019-10064","datePublished":"2020-02-28T14:07:14.000Z","dateReserved":"2019-03-26T00:00:00.000Z","dateUpdated":"2024-08-04T22:10:09.430Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}