CWE-333 - Improper Handling of Insufficient Entropy in TRNG
CWE-333 Low
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Improper Handling of Insufficient Entropy in TRNG
- Description
True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.
The rate at which true random numbers can be generated is limited. It is important that one uses them only when they are needed for security.
- Common Consequences
Scope: Availability
Impact: DoS: Crash, Exit, or Restart
Notes: A program may crash or block if it runs out of random numbers.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2024-02-29
Free security scan for your website