CVE-2013-5180

Name of the Vulnerable Software and Affected Versions Libc in Apple Mac OS X versions prior to 10.9

Description The issue concerns the production of predictable values by the srandomdev function in Libc when the kernel random-number generator is unavailable. This predictability can be exploited by context-dependent attackers to defeat cryptographic protection mechanisms, leveraging their knowledge of these values. The problem is related to a compiler-optimization issue.

Recommendations For versions prior to 10.9, update to version 10.9 or later to resolve the issue.