Back to search
CVE-2019-15847
Published: Sep 2, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481
x_refsource_MISC
openSUSE-SU-2019:2364
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2019:2365
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2020:0716
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now