SB2026052808 - Fedora 45 update for dolphin-emu

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026052808

SB2026052808 - Fedora 45 update for dolphin-emu

Published: May 28, 2026

Security Bulletin ID SB2026052808
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Use of insufficiently random values (CVE-ID: CVE-2026-34871)

CWE-ID: CWE-330 - Use of Insufficiently Random Values

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to compromise cryptographic operations by causing the use of predictable random data.

The vulnerability exists due to improper fallback to /dev/urandom in entropy collection on Linux when getrandom() is unavailable or blocked. A local user can control the system state or restrict access to getrandom() to force the use of /dev/urandom during early boot, leading to insufficient entropy and predictable cryptographic outputs.

Devices without hardware random number generators are especially at risk during initial boot or OS installation. The issue affects Linux platforms where getrandom() is not available (kernel <3.17), blocked by sandboxing, or not supported by the C library.


Remediation

Install update from vendor's website.

References