Home

CVE-2019-15847

Description

The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.74

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) gcc9-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) gcc9-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) gcc9-debugsource-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) gcc9-debugsource-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libasan5-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libasan5-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libasan5-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libasan5-32bit-9.2.1+r275327-1.3.9.x86_64_SP5.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libasan5-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libasan5-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libatomic1-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libatomic1-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libatomic1-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libatomic1-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libatomic1-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libatomic1-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgcc_s1-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgcc_s1-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgcc_s1-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgcc_s1-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgcc_s1-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgcc_s1-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgfortran5-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgfortran5-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgfortran5-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgfortran5-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgfortran5-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgfortran5-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgo14-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgo14-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgo14-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgo14-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgo14-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgo14-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgomp1-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgomp1-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libgomp1-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgomp1-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libitm1-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgomp1-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libitm1-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libitm1-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libgomp1-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) liblsan0-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libitm1-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) liblsan0-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libitm1-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libquadmath0-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libquadmath0-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libitm1-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libquadmath0-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) liblsan0-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libstdc++6-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) liblsan0-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libstdc++6-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libquadmath0-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libquadmath0-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libstdc++6-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libquadmath0-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libstdc++6-locale-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libstdc++6-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libstdc++6-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libtsan0-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libtsan0-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libstdc++6-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libubsan1-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libstdc++6-locale-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libubsan1-32bit-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libtsan0-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libtsan0-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP5 ) libubsan1-debuginfo-9.2.1+r275327-1.3.9.x86_64.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libubsan1-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libubsan1-32bit-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
SUSE-SU-2020:0394-1(SUSE Linux Enterprise Server 12-SP4 ) libubsan1-debuginfo-9.2.1+r275327-1.3.9.x86_64_SP4.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update cpp-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-c++-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-debugsource-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-debugsource-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-gdb-plugin-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-gdb-plugin-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-gfortran-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update gcc-offload-nvptx-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libasan-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libasan-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libatomic-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libatomic-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libatomic-static-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libatomic-static-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgcc-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgcc-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgfortran-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgfortran-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgomp-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgomp-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libgomp-offload-nvptx-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libitm-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libitm-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libitm-devel-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libitm-devel-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update liblsan-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libquadmath-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libquadmath-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libquadmath-devel-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libquadmath-devel-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libstdc++-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libstdc++-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libstdc++-devel-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libstdc++-devel-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libstdc++-docs-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libtsan-8.3.1-5.el8.x86_64.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libubsan-8.3.1-5.el8.i686.rpmLinux
(RHSA-2020:1864) gcc security and bug fix update libubsan-8.3.1-5.el8.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234