CVE-2017-11671

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.

CVSS v3.0 4.0 MEDIUM
CVSS v2.0 2.1 LOW

4.0^/10

CVSS v3.0 : MEDIUM

Vector : AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability : 2.5 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html	Mailing List
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180	Issue Tracking Vendor Advisory
http://openwall.com/lists/oss-security/2017/07/27/2	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/100018	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:0849

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gnu:gcc:6.2:::::::*
	cpe:2.3:a:gnu:gcc:6.1:::::::*
	cpe:2.3:a:gnu:gcc:4.9:::::::*
	cpe:2.3:a:gnu:gcc:4.8:::::::*
	cpe:2.3:a:gnu:gcc:6.0:::::::*
	cpe:2.3:a:gnu:gcc:5.4:::::::*
	cpe:2.3:a:gnu:gcc:4.7:::::::*
	cpe:2.3:a:gnu:gcc:4.6:::::::*
	cpe:2.3:a:gnu:gcc:5.3:::::::*
	cpe:2.3:a:gnu:gcc:5.2:::::::*
	cpe:2.3:a:gnu:gcc:6.3:::::::*
	cpe:2.3:a:gnu:gcc:5.1:::::::*
	cpe:2.3:a:gnu:gcc:5.0:::::::*

Information

Published : 2017-07-26 14:29

Updated : 2018-04-11 18:29

NVD link : CVE-2017-11671

Mitre link : CVE-2017-11671

JSON object : View

CWE

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Advertisement

Products Affected

gnu

gcc

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html", "name": "https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html", "tags": ["Mailing List"], "refsource": "CONFIRM"}, {"url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180", "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180", "tags": ["Issue Tracking", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://openwall.com/lists/oss-security/2017/07/27/2", "name": "http://openwall.com/lists/oss-security/2017/07/27/2", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/100018", "name": "100018", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0849", "name": "RHSA-2018:0849", "tags": [], "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-338"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-11671", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.5}}, "publishedDate": "2017-07-26T21:29Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gnu:gcc:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:4.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gnu:gcc:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-04-12T01:29Z"}