vulnerability
Oracle Linux: CVE-2019-15847: ELSA-2020-1864: gcc security and bug fix update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | 2019-09-02 | 2022-10-05 | 2024-11-27 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
2019-09-02
Added
2022-10-05
Modified
2024-11-27
Description
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.
Solution(s)
oracle-linux-upgrade-cpporacle-linux-upgrade-gccoracle-linux-upgrade-gcc-coracle-linux-upgrade-gcc-gdb-pluginoracle-linux-upgrade-gcc-gfortranoracle-linux-upgrade-gcc-offload-nvptxoracle-linux-upgrade-gcc-plugin-develoracle-linux-upgrade-libasanoracle-linux-upgrade-libatomicoracle-linux-upgrade-libatomic-staticoracle-linux-upgrade-libgccoracle-linux-upgrade-libgfortranoracle-linux-upgrade-libgomporacle-linux-upgrade-libgomp-offload-nvptxoracle-linux-upgrade-libitmoracle-linux-upgrade-libitm-develoracle-linux-upgrade-liblsanoracle-linux-upgrade-libquadmathoracle-linux-upgrade-libquadmath-develoracle-linux-upgrade-libstdcoracle-linux-upgrade-libstdc-develoracle-linux-upgrade-libstdc-docsoracle-linux-upgrade-libstdc-staticoracle-linux-upgrade-libtsanoracle-linux-upgrade-libubsan
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.