CVE-2008-5162

Name of the Vulnerable Software and Affected Versions FreeBSD versions 6.3 through 7.1

Description The issue is related to the arc4random function in the kernel, which lacks a proper entropy source for a short time period immediately after boot. This makes it easier for attackers to predict the function's return values, allowing them to conduct certain attacks against the GEOM framework and various network protocols. The problem is connected to the Yarrow random number generator.

Recommendations For FreeBSD versions 6.3 through 7.1, consider implementing additional entropy sources to improve the randomness of the arc4random function until a patch is available. As a temporary workaround, restrict access to sensitive network protocols and the GEOM framework immediately after boot to minimize the risk of exploitation.