CVE-2017-11671

Опубликовано: 25 мар. 2017

Источник: redhat

CVSS3: 5.6

Описание

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	compat-gcc-295	Not affected
Red Hat Enterprise Linux 5	compat-gcc-296	Not affected
Red Hat Enterprise Linux 5	compat-gcc-32	Not affected
Red Hat Enterprise Linux 5	compat-gcc-34	Not affected
Red Hat Enterprise Linux 5	gcc	Not affected
Red Hat Enterprise Linux 5	gcc44	Not affected
Red Hat Enterprise Linux 6	compat-gcc-295	Not affected
Red Hat Enterprise Linux 6	compat-gcc-296	Not affected
Red Hat Enterprise Linux 6	compat-gcc-32	Not affected
Red Hat Enterprise Linux 6	compat-gcc-34	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1475733gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2017-11671

CVSS3: 4

ubuntu

больше 8 лет назад

CVE-2017-11671

CVSS3: 4

nvd

больше 8 лет назад

CVE-2017-11671

CVSS3: 4

debian

больше 8 лет назад

Under certain circumstances, the ix86_expand_builtin function in i386. ...

openSUSE-SU-2017:2901-1

suse-cvrf

около 8 лет назад

Security update for gcc48

SUSE-SU-2017:2526-1

suse-cvrf

около 8 лет назад

Security update for gcc48

5.6 Medium

CVSS3