View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2025-0577 unimportant priority: Debian including 1 source packages (glibc), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a call to any of these functions.