CVE-2024-45751 Information

Description

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1 and thus the sequence of challenges is always identical.

Reference

https://github.com/fujita/tgt/pull/67 https://github.com/fujita/tgt/compare/v1.0.92…v1.0.93