Oval Definition:oval:com.ubuntu.bionic:def:20155276000
Revision Date:2015-11-17Version:1
Title:CVE-2015-5276 on Ubuntu 18.04 LTS (bionic) - low.
Description:The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-5276
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'gcc-3.3' package in bionic is not affected (note: 'std::random_device not present').
  • OR The 'gcc-4.8' package in bionic is affected and needs fixing.
  • OR NOT While related to the CVE in some way, the 'gcc-5' package in bionic is not affected.
  • OR NOT While related to the CVE in some way, the 'gcc-arm-none-eabi' package in bionic is not affected (note: '15:6.3.1+svn253039').
  • OR NOT While related to the CVE in some way, the 'gcc-avr' package in bionic is not affected (note: '1:5.4.0+Amtel3.6.0-1build1').
  • OR NOT While related to the CVE in some way, the 'gcc-defaults' package in bionic is not affected.
  • OR NOT While related to the CVE in some way, the 'gcc-h8300-hms' package in bionic is not affected (note: 'std::random_device not present').
  • OR NOT While related to the CVE in some way, the 'gcc-m68hc1x' package in bionic is not affected (note: 'std::random_device not present').
  • OR NOT While related to the CVE in some way, the 'gcc-mingw-w64' package in bionic is not affected (note: '17').
  • OR The 'gcc-msp430' package in bionic is affected and needs fixing.
  • OR The 'gcc-opt' package in bionic is affected and needs fixing.
  • OR NOT While related to the CVE in some way, the 'gcc-snapshot' package in bionic is not affected (note: '20151011-0ubuntu1').
    • BACK