Cyber Posture

CVE-2025-1828

High

Published: 11 March 2025

Modified: 29 September 2025
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0016 (36.7th percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

The Crypt::Random Perl package, versions 1.05 through 1.55, may use the rand() function, which is not cryptographically strong, for cryptographic functions. If no Provider is specified and neither /dev/urandom nor an Entropy Gathering Daemon (egd) service is available, Crypt::Random defaults to the insecure Crypt::Random::rand provider. In particular, Windows versions of Perl encounter this issue by default.

Security Summary

CVE-2025-1828 affects the Crypt::Random Perl package in versions 1.05 through 1.55, which may use Perl's rand() function, not a cryptographically strong generator, to produce random values for cryptographic functions. This happens when no Provider is specified and strong entropy sources such as /dev/urandom or an Entropy Gathering Daemon (EGD) service are unavailable, causing the package to fall back to the insecure Crypt::Random::rand provider. Windows versions of Perl are affected by default, since /dev/urandom does not exist there.

Attackers can exploit this vulnerability remotely with low complexity and no privileges required, though it necessitates user interaction such as running malicious or affected Perl scripts. Successful exploitation generates predictable random values, leading to high impacts on confidentiality, integrity, and availability (CVSS 8.8: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), potentially enabling attacks like key prediction, nonce reuse, or forgery in cryptographic operations dependent on the module. Associated weaknesses include CWE-331 (Insufficient Entropy) and CWE-338 (Use of Cryptographically Weak PRNG).

Mitigation involves updating Crypt::Random to a patched version, as indicated by fixes in the Crypt-OpenPGP repository, including commit 1f8b29e9e89d8d083fd025152e76ec918136cc05 and pull request 1. Users should also explicitly specify a secure Provider or ensure availability of /dev/urandom or EGD services, avoiding reliance on the default rand() behavior documented in Perl's rand function reference.
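As an added example, not taken from the advisory or from the Crypt::Random project: a small Python audit script that scans Perl source for Crypt::Random calls that omit a Provider (and therefore inherit the rand() fallback described above) or that select the rand provider explicitly. The function names and the embedded Perl sample are constructed for illustration.

```python
import re

# Crypt::Random entry points whose output typically ends up as key or nonce material.
CALLS = ("makerandom", "makerandom_itv", "makerandom_octet")
CALL_RE = re.compile(r"\b(" + "|".join(CALLS) + r")\s*\(")
COMMENT_RE = re.compile(r"^[ \t]*#.*$", re.M)  # full-line Perl comments only

# Constructed Perl sample (not real project code) mixing safe and unsafe usage.
SAMPLE_PERL = "\n".join([
    "use Crypt::Random qw(makerandom makerandom_octet);",
    "# TODO: makerandom() here used to pass Provider => 'egd'",
    "my $key = makerandom_octet(Length => 32, Strength => 1);",
    "my $nonce = makerandom(Size => 96,",
    "                       Provider => 'devurandom');",
    "my $weak = makerandom_octet(Length => 16, Provider => 'rand');",
])


def _call_args(src, open_paren):
    """Return the argument text of the call whose '(' sits at src[open_paren], honouring nesting."""
    depth = 0
    for i in range(open_paren, len(src)):
        if src[i] == "(":
            depth += 1
        elif src[i] == ")":
            depth -= 1
            if depth == 0:
                return src[open_paren + 1:i]
    return src[open_paren + 1:]  # unterminated call: audit whatever follows


def find_default_provider_calls(src):
    """Return (line, call, reason) for calls that rely on or select the weak rand provider."""
    # Blank out comment bodies but keep the newlines so line numbers stay accurate.
    code = COMMENT_RE.sub("", src)
    findings = []
    for m in CALL_RE.finditer(code):
        args = _call_args(code, m.end() - 1)
        line = code.count("\n", 0, m.start()) + 1
        if not re.search(r"\bProvider\s*=>", args):
            findings.append((line, m.group(1), "no Provider given; module may fall back to rand()"))
        elif re.search(r"\bProvider\s*=>\s*['\"]rand['\"]", args):
            findings.append((line, m.group(1), "Provider => 'rand' selects the weak provider explicitly"))
    return findings


if __name__ == "__main__":
    for line, call, reason in find_default_provider_calls(SAMPLE_PERL):
        print(f"line {line}: {call}: {reason}")
```

Calls that pass a Provider spanning several lines are handled, while `#` inside string literals is not treated as a comment only when it starts the line, so review any flagged line by hand before changing it.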

Details

CWE(s)
CWE-331, CWE-338

Affected Products

timlegge
crypt\

MITRE ATT&CK Enterprise Techniques

Insufficient information to map techniques.
Confidence: LOW · MITRE ATT&CK Enterprise v19.0

References