Oval Definition:	oval:com.ubuntu.disco:def:2017116710000000
Revision Date: 2017-07-26 Version: 1 Title: CVE-2017-11671 on Ubuntu 19.04 (disco) - low. Description: Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-11671 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information gcc-3.3 package in disco is affected and may need fixing. OR gcc-6 package in disco, is related to the CVE in some way and has been fixed (note: '6.4.0-17ubuntu1'). OR gcc-7 package in disco, is related to the CVE in some way and has been fixed (note: '7.3.0-16ubuntu3'). OR gcc-7-cross package in disco, is related to the CVE in some way and has been fixed (note: '20ubuntu4'). OR gcc-7-cross-ports package in disco, is related to the CVE in some way and has been fixed (note: '20ubuntu4'). OR gcc-arm-none-eabi package in disco is affected and may need fixing. OR gcc-avr package in disco is affected and may need fixing. OR gcc-defaults package in disco is affected and may need fixing. OR gcc-h8300-hms package in disco is affected and may need fixing. OR gcc-m68hc1x package in disco is affected and may need fixing. OR gcc-mingw-w64 package in disco is affected and may need fixing. OR gcc-msp430 package in disco is affected and may need fixing. OR gcc-snapshot package in disco, is related to the CVE in some way and has been fixed (note: '1:20180425-1ubuntu1').
BACK