diff --git a/NEWS b/NEWS
index 953d0842db96f..278d157f39789 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ PHP                                                                        NEWS
 - GMP:
   . Properly implement GMP::__construct(). (nielsdos)
 
+- Random:
+  . Fix GH-10390 (Do not trust arc4random_buf() on glibc). (timwolla)
+
 - Standard:
   - Fixed bug GH-8086 (Introduce mail.mixed_lf_and_crlf INI). (Jakub Zelenka)
 
diff --git a/ext/random/random.c b/ext/random/random.c
index 64e30e5087186..dda57f0fe7d35 100644
--- a/ext/random/random.c
+++ b/ext/random/random.c
@@ -505,7 +505,7 @@ PHPAPI int php_random_bytes(void *bytes, size_t size, bool should_throw)
 		}
 		return FAILURE;
 	}
-#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) || defined(__APPLE__) || defined(__GLIBC__))
+#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) || defined(__APPLE__))
 	arc4random_buf(bytes, size);
 #else
 	size_t read_bytes = 0;