[原文]Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
NetBSD Intel Hardware Random Number Generator (RNG) Failure Encryption Weakness
Local Access Required
Loss of Confidentiality
NetBSD contains a flaw that may reduce the quality of random numbers used when encrypting data. The issue is triggered by incorrectly detecting the presence of Intel's 'pchb' random number generator when it is not in fact present. It is possible that the flaw may allow a reduction of quality of random data used by encryption mechanisms resulting in a loss of confidentiality.
Upgrade to version 2.0.4, 2.1.1, or 3.0.1 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.