Using SHA2 as random number generator? [migrated]

I need to generate secure pseudorandom numbers in an embedded system. Instead of having to port some RNG library, could I just use an existing SHA2 function as a random number generator (n-th random number is SHA2(seed + n))?

I’m worried that SHA2 hashes might not be evenly distributed (have bias towards certain sequences of bits).