NetBSD False Intel Hardware RNG Detection Predictable Random Number Generation Weakness

NetBSD False Intel Hardware RNG Detection Predictable Random Number Generation Weakness

NetBSD is prone to predictable keys being generated due to incorrect detection of Intel hardware random number generator (RNG).

A NetBSD driver that employs the hardware RNG incorrectly detects the RNG while it is not present in the chipset and supplies a constant stream of bytes to be used in the entropy pool for the kernel RNG. This may have a significant impact on the quality of keys and other sensitive data that is generated using the predictable value as a seed; this may result in predictable keys being created.

This issue arises on NetBSD systems with i8xx motherboard chipset for x86 CPUs.