CVE-2017-11671

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnu:gcc:6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:4.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:4.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:5.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:4.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:4.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:5.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:5.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:6.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gcc:5.0:*:*:*:*:*:*:*

Information

Published : 2017-07-26 14:29

Updated : 2018-04-11 18:29


NVD link : CVE-2017-11671

Mitre link : CVE-2017-11671


JSON object : View

CWE
CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Advertisement

dedicated server usa

Products Affected

gnu

  • gcc