The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5276