CVE-2025-52464: Unseeded Curve25519 Keygen
Generating a Curve25519 key pair without appropriately initializing the randomness pool can result in low-entropy, duplicate, or predictable cryptographic keys. Ensure that the PRNG is correctly initialized and salted with sufficient hardware or system entropy (e.g., via `RNG.begin()` and `RNG.stir()`) prior to invoking `Curve25519::dh1()`.
greprules fetch cve-2025-52464-unseeded-curve25519-keygen --engine opengrepDescription
Generating a Curve25519 key pair without appropriately initializing the randomness pool can result in low-entropy, duplicate, or predictable cryptographic keys. Ensure that the PRNG is correctly initialized and salted with sufficient hardware or system entropy (e.g., via `RNG.begin()` and `RNG.stir()`) prior to invoking `Curve25519::dh1()`.
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.