{"id":"CVE-2013-7295","details":"Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier for remote attackers to bypass cryptographic protection mechanisms via unspecified vectors.","modified":"2026-04-16T01:39:04.735006849Z","published":"2014-01-17T21:55:14Z","withdrawn":"2026-01-27T04:13:14.557482Z","related":["openSUSE-SU-2024:10423-1"],"references":[{"type":"ADVISORY","url":"https://lists.torproject.org/pipermail/tor-talk/2013-December/031483.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2014-01/msg00095.html"}],"schema_version":"1.7.3"}