{"id":"CVE-2019-15847","details":"The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.","modified":"2026-02-19T07:27:58.659113Z","published":"2019-09-02T23:15:10.837Z","related":["CGA-c9px-mqhf-95g8","SUSE-SU-2019:2702-1","SUSE-SU-2019:3061-1","SUSE-SU-2020:0394-1","SUSE-SU-2023:3662-1","openSUSE-SU-2019:2364-1","openSUSE-SU-2019:2365-1","openSUSE-SU-2020:0716-1","openSUSE-SU-2024:10703-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"},{"type":"ADVISORY","url":"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"},{"type":"REPORT","url":"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gcc-mirror/gcc","events":[{"introduced":"0"},{"fixed":"4212a6a3e44f870412d9025eeb323fd4f50a61da"},{"introduced":"0"},{"fixed":"6e6e3f144a33ae504149dc992453b4f6dea12fdb"},{"introduced":"0"},{"fixed":"8cd3bffead2ed1d1998c190865694f920fbc93ab"},{"introduced":"0"},{"fixed":"b2d961e7342b5ba4e57adfa81cb189b738d10901"}]}],"versions":["basepoints/gcc-0","basepoints/gcc-10","basepoints/gcc-5","basepoints/gcc-6","basepoints/gcc-7","basepoints/gcc-8","basepoints/gcc-9","misc/cutover-cvs2svn","misc/cutover-egcs-0","misc/cutover-egcs-1","misc/cutover-git","releases/gcc-7.1.0","releases/gcc-7.2.0","releases/gcc-7.3.0","releases/gcc-7.4.0","releases/gcc-8.1.0","releases/gcc-8.2.0","releases/gcc-8.3.0","releases/gcc-9.1.0","releases/gcc-9.2.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15847.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}