Vulnetix
Try Vulnetix Request Demo
CVE-2017-11671 PUBLISHED

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.

EPSS 0.10% · 28.0th percentile

Risk Scores

EPSS Score
0.10%
28.0th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSgcc-3.30, 1:3.3.6ds1-30, 1:3.3.6ds1-28ubuntu1
Ubuntu:24.04:LTSgcc-mingw-w6426.1, 25.3, 0
Ubuntu:16.04:LTSgcc-4.8-ppc64el-cross2, 0.9, 0.8
Ubuntu:22.04:LTSgcc-mingw-w640, 24.2, 24.3
Ubuntu:16.04:LTSgcc-avr1:4.9.2+Atmel3.5.0-1, 1:4.8.1+Atmel3.4.5-1, 0
Ubuntu:16.04:LTSgcc-4.7-armhf-cross1.86, 0, 1.87
Ubuntu:18.04:LTSgcc-mingw-w6419.3, 20, 20.2build1
Ubuntu:16.04:LTSgcc-msp4300, 4.6.3~mspgcc-20120406-7ubuntu3
Ubuntu:16.04:LTSgcc-arm-linux-androideabi0, 0.20130705.1-0ubuntu8, 0.20130705.1-0ubuntu9
Ubuntu:14.04:LTSgcc-3.31:3.3.6ds1-25ubuntu4, 0
Ubuntu:16.04:LTSgcc-4.74.7.4-3ubuntu7, 4.7.4-3ubuntu3, 4.7.4-3ubuntu9
Ubuntu:16.04:LTSgcc-4.8-armhf-cross2, 0.17, 0.16
Ubuntu:20.04:LTSgcc-mingw-w6422~exp1ubuntu3, 22~exp1ubuntu2, 22~exp1ubuntu4
Ubuntu:25.10gcc-arm-none-eabi0, 15:14.2.rel1-1
Ubuntu:25.10gcc-mingw-w6426.1, 0
Ubuntu:22.04:LTSgcc-h8300-hms1:3.4.6+dfsg2-4.2, 1:3.4.6+dfsg2-4.1, 0
Ubuntu:20.04:LTSgcc-m68hc1x1:3.3.6+3.1+dfsg-3.1ubuntu1, 0
Ubuntu:24.04:LTSgcc-h8300-hms0, 1:3.4.6+dfsg2-4.2
Ubuntu:22.04:LTSgcc-avr1:5.4.0+Atmel3.6.2-2, 0, 1:5.4.0+Atmel3.6.2-3
Ubuntu:16.04:LTSgcc-snapshot0, 20160415-0ubuntu1, 20160320-1ubuntu1

…and 38 more

Timeline

References

Open in Interactive Console →