Back to search
CVE-2017-11671
Published: Jul 26, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://openwall.com/lists/oss-security/2017/07/27/2
x_refsource_CONFIRM
100018
vdb-entry
x_refsource_BID
RHSA-2018:0849
vendor-advisory
x_refsource_REDHAT
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180
x_refsource_CONFIRM
https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now