Описание
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gcc-6 | not-affected | package | ||
| gcc-5 | not-affected | package | ||
| gcc-4.9 | not-affected | package | ||
| gcc-mingw-w64 | unfixed | package | ||
| mingw32 | removed | package | ||
| mingw32 | no-dsa | wheezy | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1324759
Missing security feature, not a direct vulnerability
Связанные уязвимости
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.