The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) prior to 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent malicious users to predict the random values via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gcc |