Gnu · Gnu Compiler Collection · CVE-2019-15847
**Name of the Vulnerable Software and Affected Versions**
GNU Compiler Collection (GCC) versions prior to 10
**Description**
The issue concerns the POWER9 backend in GNU Compiler Collection (GCC) where the optimizer could reduce the entropy of the random number generator by combining multiple calls of the ` builtin darn` intrinsic into a single call. This happened because the operation was not marked as volatile. As a result, within a single program execution, every call to ` builtin darn()` might produce the same output.
**Recommendations**
For versions prior to 10, update to version 10 or later to resolve the issue.