CVE-2026-34871

medium

Published 2026-04-01 · Modified 2026-06-05

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

6.7

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v4 NEW

—

not yet in upstream

VIR risk

6.7

Description

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

Predictions

Exploit likelihood

66%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Debian Security Tracker · View original ↗ · DFSG

CVE-2026-34871 NameCVE-2026-34871 DescriptionAn issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG). SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)…

CVE-2026-34871

Name	CVE-2026-34871
Description	An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-4551-1
Debian Bugs	1132577

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mbedtls (PTS)	bullseye	2.16.9-0.1	vulnerable
	bullseye (security)	2.16.9-0.1+deb11u4	fixed
	bookworm	2.28.3-1	vulnerable
	trixie	3.6.5-0.1~deb13u1	vulnerable
	forky, sid	3.6.6-0.1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mbedtls	source	bullseye	2.16.9-0.1+deb11u4		DLA-4551-1
mbedtls	source	(unstable)	3.6.6-0.1	unimportant		1132577

Notes

[trixie] - mbedtls <no-dsa> (Minor issue)
[bookworm] - mbedtls <no-dsa> (Minor issue)
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-dev-random/
Builds using Glibc or uClibc, running on a kernel where getrandom() is available, are safe.

Home - Debian Security - Source (Git)

Apply commands

text fix

Notes

[trixie] - mbedtls <no-dsa> (Minor issue)[bookworm] - mbedtls <no-dsa> (Minor issue)https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-dev-random/Builds using Glibc or uClibc, running on a kernel where getrandom() is available, are safe.

OS impact

SUSE Affected 1 release

Version	Status	Fixed in
—	Affected	—

Debian Mixed 5 releases

Version	Status	Fixed in
trixie	Affected	—
sid	Fixed	`3.6.6-0.1`
forky	Fixed	`3.6.6-0.1`
bullseye	Fixed	`2.16.9-0.1+deb11u4`
bookworm	Affected	—

Application impact

Vendor	Product	Versions	Fixed
arm	mbed_tls	`{"endExcluding":"3.6.6"}`	`3.6.6`
trustedfirmware	tf-psa-crypto	`{"endExcluding":"1.1.0"}`	`1.1.0`

References

CWEs

CWE-338

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.