Home

CVE-2017-11671

Description

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.

Risk Information

Base Score
4.0
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.102

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update cpp-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-c++-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-gfortran-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-gnat-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-go-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-objc-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-objc++-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update gcc-plugin-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libasan-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libasan-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libasan-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libasan-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libatomic-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libatomic-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libatomic-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libatomic-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgcc-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgcc-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgfortran-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgfortran-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgfortran-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgfortran-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgnat-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgo-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgomp-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libgomp-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libitm-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libmudflap-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libobjc-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libobjc-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libquadmath-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-devel-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-devel-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-docs-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-static-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libstdc++-static-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libtsan-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849) Low: gcc security, bug fix, and enhancement update libtsan-static-4.8.5-28.el7.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) cpp48-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) cpp48-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-c++-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-c++-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-debugsource-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-gij-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-gij-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-gij-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-gij-debuginfo-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) gcc48-info-4.8.5-31.3.1.noarch.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Server 12-SP2 ) gcc48-locale-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libasan0-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libasan0-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libasan0-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-debuginfo-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-debuginfo-32bit-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-debugsource-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj48-jar-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgcj_bc1-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libstdc++48-devel-4.8.5-31.3.1.x86_64.rpmLinux
SUSE-SU-2017:2526-1(SUSE Linux Enterprise Desktop 12-SP2 ) libstdc++48-devel-32bit-4.8.5-31.3.1.x86_64.rpmLinux
(RHSA-2018:0849)Low: security, bug fix, and enhancement update gcc-base-debuginfo-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849)Low: security, bug fix, and enhancement update gcc-base-debuginfo-4.8.5-28.el7.x86_64.rpmLinux
(RHSA-2018:0849)Low: security, bug fix, and enhancement update gcc-debuginfo-4.8.5-28.el7.i686.rpmLinux
(RHSA-2018:0849)Low: security, bug fix, and enhancement update gcc-debuginfo-4.8.5-28.el7.x86_64.rpmLinux
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2017-11671)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234