Bug 1262846 - (CVE-2015-5276) CVE-2015-5276 gcc: Predictable randomness from std::random_device
CVE-2015-5276 gcc: Predictable randomness from std::random_device
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1262852
Blocks: 1262855
  Show dependency treegraph
Reported: 2015-09-14 09:26 EDT by Florian Weimer
Modified: 2016-06-10 05:04 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-01-12 11:12:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
GNU Compiler Collection 65142 None None None Never

  None (edit)
Description Florian Weimer 2015-09-14 09:26:24 EDT
It was discovered that the std::random_device class in libstdc++ would
not properly detect short reads and could return return predictable
values if applications used it to obtain randomness from a blocking
source such as /dev/random.
Comment 1 Florian Weimer 2015-09-14 09:31:37 EDT
External references:

Comment 3 Florian Weimer 2015-09-14 09:32:55 EDT
Created gcc tracking bugs for this issue:

Affects: fedora-all [bug 1262852]
Comment 6 Cedric Buissart 2016-01-12 11:16:21 EST
std::random_device is not guaranteed to be cryptographically secure and should not be used for secure cryptographic code. Thus having a low impact.
Comment 7 Jonathan Wakely 2016-01-12 11:22:43 EST
I was intending to fix this.

std::random_device can use /dev/random in GCC's implementation (and the intent of the C++ standard is to allow, even encourage that), isn't that suitable for secure crypto?

Note You need to log in before you can comment on or make changes to this bug.