Medium severity4.8NVD Advisory· Published Feb 18, 2026· Updated Apr 15, 2026
CVE-2025-0577
CVE-2025-0577
Description
An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a call to any of these functions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords7 versionspkg:deb/ubuntu/eglibc@2.19-0ubuntu6.15+esm3?arch=source&distro=esm-infra-legacy/trustypkg:deb/ubuntu/glibc@2.23-0ubuntu11.3+esm7?arch=source&distro=esm-infra/xenialpkg:deb/ubuntu/glibc@2.27-3ubuntu1.6+esm3?arch=source&distro=esm-infra/bionicpkg:deb/ubuntu/glibc@2.31-0ubuntu9.16?arch=source&distro=focalpkg:deb/ubuntu/glibc@2.35-0ubuntu3.8?arch=source&distro=jammypkg:deb/ubuntu/glibc@2.39-0ubuntu8.3?arch=source&distro=noblepkg:deb/ubuntu/glibc@2.40-1ubuntu3?arch=source&distro=oracular
>= 0+ 6 more
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.