CVE-2017-11671 [Medium] | Security Vulnerability in Gcc

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	0.11%	0.44%	+0.34%
2	2025-03-30	0.16%	0.11%	-0.05%
3	2025-03-29	—	0.16%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

0.11%

0.44%

+0.34%

2025-03-30

0.16%

0.11%

-0.05%

2025-03-29

—

0.16%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
4.0	3.0	MEDIUM	`CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:L) Some sensitive info could get out, but not a total data dump. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:N) Service keeps running; no real outage angle.	2.5	1.4	[email protected]
2.1	2.0	LOW	`AV:L/AC:L/Au:N/C:P/I:N/A:N` Click to expand Access vector (AV:L) Requires local access to the target system. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:N) No integrity impact. Availability impact (A:N) No availability impact.	3.9	2.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

4.0

3.0

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L): Some sensitive info could get out, but not a total data dump.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:N): Service keeps running; no real outage angle.

2.5

1.4

[email protected]

2.1

2.0

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N Click to expand

Access vector (AV:L): Requires local access to the target system.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:N): No integrity impact.
Availability impact (A:N): No availability impact.

3.9

2.9

[email protected]

OS Trackers for CVE-2017-11671

vendor	priority	summary	link
`redhat`	low	—	https://access.redhat.com/security/cve/CVE-2017-11671
`suse`	medium	CVE-2017-11671 severity moderate: SUSE including 161 source package names (cpp-4.8.5-28.el7, cpp43, …), 410 product×package rows across 42 product lines (Image SLES12-SP5-Azure-SAP-BYOS, Image SLES12-SP5-Azure-SAP-On-Demand, … (42 product lines)): Fixed 386, Known Not Affected 24.	https://www.suse.com/security/cve/CVE-2017-11671/
`ubuntu`	low	CVE-2017-11671 low priority: Ubuntu including 52 source packages (gcc-3.3, gcc-4.4, …), 1092 status rows across 21 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial, zesty): DNE 796, ignored 117, needs-triage 100, not-affected 71, released 8.	https://ubuntu.com/security/CVE-2017-11671

Affected software / configurations for CVE-2017-11671

Vendor	Product	Version	Raw CPE
gnu	gcc	4.6	cpe:2.3:a:gnu:gcc:4.6:::::::*
gnu	gcc	4.7	cpe:2.3:a:gnu:gcc:4.7:::::::*
gnu	gcc	4.8	cpe:2.3:a:gnu:gcc:4.8:::::::*
gnu	gcc	4.9	cpe:2.3:a:gnu:gcc:4.9:::::::*
gnu	gcc	5.0	cpe:2.3:a:gnu:gcc:5.0:::::::*
gnu	gcc	5.1	cpe:2.3:a:gnu:gcc:5.1:::::::*
gnu	gcc	5.2	cpe:2.3:a:gnu:gcc:5.2:::::::*
gnu	gcc	5.3	cpe:2.3:a:gnu:gcc:5.3:::::::*
gnu	gcc	5.4	cpe:2.3:a:gnu:gcc:5.4:::::::*
gnu	gcc	6.0	cpe:2.3:a:gnu:gcc:6.0:::::::*
gnu	gcc	6.1	cpe:2.3:a:gnu:gcc:6.1:::::::*
gnu	gcc	6.2	cpe:2.3:a:gnu:gcc:6.2:::::::*
gnu	gcc	6.3	cpe:2.3:a:gnu:gcc:6.3:::::::*

References for CVE-2017-11671

URL	Tags
http://openwall.com/lists/oss-security/2017/07/27/2	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/100018	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:0849
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80180	Issue Tracking Vendor Advisory
https://gcc.gnu.org/ml/gcc-patches/2017-03/msg01349.html	Mailing List

URL

CVE-2017-11671

Exploit prediction scoring system (EPSS) score for CVE-2017-11671

Common vulnerability scoring system (CVSS) metrics for CVE-2017-11671

Weakness enumeration for CVE-2017-11671

OS Trackers for CVE-2017-11671

Affected software / configurations for CVE-2017-11671

References for CVE-2017-11671