A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < h5.1.4.2596 build 20231128 |